Lucene search
Veracode Vulnerability DatabaseVERACODE:39469HistoryMar 01, 2023 - 3:18 a.m.
Improper Access Control
2023-03-0103:18:54
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
improper access control
vulnerability
uploadassignmentteacherfile
studentassignments.fnc.php
access credentials
0.001 Low
EPSS
Percentile
47.4%
francoisjacquet/rosariosis is vulnerable to Improper Access Control. The vulnerability exists because the UploadAssignmentTeacherFile function in StudentAssignments.fnc.php does not properly grant access to content and functions for some users, which allows an attacker to retrieve and upload any files without access credentials.
| CPE | Name | Operator | Version |
|---|---|---|---|
| francoisjacquet/rosariosis | le | v10.8 | |
| francoisjacquet/rosariosis | le | v10.8 |
Related
osv
osv
CVE-2023-0994
2023-02-24 02:15:10
RosarioSIS Improper Access Control vulnerability
2023-02-24 03:30:14
cvelist
cvelist
huntr
huntr
Broken Access Control
2023-02-17 18:31:53
prion
prion
Design/Logic Flaw
2023-02-24 02:15:00
nvd
nvd
CVE-2023-0994
2023-02-24 02:15:10
github
github
RosarioSIS Improper Access Control vulnerability
2023-02-24 03:30:14
cve
cve
CVE-2023-0994
2023-02-24 02:15:10