CVE-2021-40579

Published: Dec 28, 2021Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges (remote).

Affected (1)

Products: Online Enrollment Management System Project: Online Enrollment Management System

Online Enrollment Management System Project

1 product

Online Enrollment Management System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Online Enrollment Management System Project Online Enrollment Management System	Version 1.0

Related CWEs

CWE-639

Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

References (4)

https://medium.com/%40VAPT01/cve-2021-40579-9eac3409fd24

Source: cve@mitre.org

https://www.sourcecodester.com/

Source: cve@mitre.org

Third Party Advisory

https://medium.com/%40VAPT01/cve-2021-40579-9eac3409fd24

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.sourcecodester.com/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.