CVE-2024-41243

2024-08-0700:00:00

mitre

github.com

access control

kashipara

school management system

remote attackers

unauthenticated

marks details

AI Score

7.1

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

An Incorrect Access Control vulnerability was found in /smsa/view_marks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details.

References

github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20-%20View%20Marks.pdf

www.kashipara.com/project/php/12362/responsive-school-management-system-php-project-source-code