CVE-2024-55232

Published: Dec 18, 2024Modified: Mar 28, 2025

5.4

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Exploitability: 2.8 / Impact: 2.5

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to delete notes belonging to other accounts due to missing authorization checks. This flaw enables attackers to delete another user's information.

Affected (1)

Products: Phpgurukul: Online Notes Sharing Management System

1 product

Online Notes Sharing Management System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Phpgurukul Online Notes Sharing Management System	Version 1.0

Related CWEs

Authentication Bypass by Spoofing

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

References (1)

https://github.com/CV1523/CVEs/blob/main/CVE-2024-55232.md

Source: cve@mitre.org

ExploitThird Party Advisory

Timeline

No history available yet.