CVE-2023-1854
SourceCodester Online Graduate Tracer System session expiration
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file admin/. The manipulation leads to session expiration. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-224994 is the identifier assigned to this vulnerability.
Es wurde eine Schwachstelle in SourceCodester Online Graduate Tracer System 1.0 gefunden. Sie wurde als problematisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei admin/. Dank der Manipulation mit unbekannten Daten kann eine session expiration-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2023-04-05 CVE Reserved
- 2023-04-05 CVE Published
- 2024-08-02 CVE Updated
- 2024-08-02 First Exploit
- 2024-11-24 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-613: Insufficient Session Expiration
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://vuldb.com/?id.224994 | Technical Description |
URL | Date | SRC |
---|---|---|
https://github.com/Jlan45/OGTSFCOIA/blob/main/unauthorizedaccess.md | 2024-08-02 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Online Graduate Tracer System Project Search vendor "Online Graduate Tracer System Project" | Online Graduate Tracer System Search vendor "Online Graduate Tracer System Project" for product "Online Graduate Tracer System" | 1.0 Search vendor "Online Graduate Tracer System Project" for product "Online Graduate Tracer System" and version "1.0" | - |
Affected
|