francoisjacquet/rosariosis is vulnerable to Improper Access Control. The vulnerability exists because the UploadAssignmentTeacherFile
function in StudentAssignments.fnc.php
does not properly grant access to content and functions for some users, which allows an attacker to retrieve and upload any files without access credentials.
CPE | Name | Operator | Version |
---|---|---|---|
francoisjacquet/rosariosis | le | v10.8 | |
francoisjacquet/rosariosis | le | v10.8 |