CVE-2024-0472
code-projects Dormitory Management System modifyuser.php information disclosure
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file modifyuser.php. The manipulation of the argument mname leads to information disclosure. The exploit has been disclosed to the public and may be used. The identifier VDB-250577 was assigned to this vulnerability.
Se encontró una vulnerabilidad en code-projects Dormitory Management System 1.0. Ha sido calificada como problemática. Este problema afecta un procesamiento desconocido del archivo modifyuser.php. La manipulación del argumento mname conduce a la divulgación de información. La explotación ha sido divulgada al público y puede utilizarse. A esta vulnerabilidad se le asignó el identificador VDB-250577.
Eine Schwachstelle wurde in code-projects Dormitory Management System 1.0 ausgemacht. Sie wurde als problematisch eingestuft. Dies betrifft einen unbekannten Teil der Datei modifyuser.php. Durch Manipulieren des Arguments mname mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2024-01-12 CVE Reserved
- 2024-01-12 CVE Published
- 2024-01-20 EPSS Updated
- 2024-10-24 CVE Updated
- 2024-10-24 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CWE-532: Insertion of Sensitive Information into Log File
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://github.com/yingqian1984/FirePunch/blob/main/7-Dormitory%20Management%20System%20has%20Database%20information%20leakage%20modifyuser.php.pdf | 2024-10-24 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Code-projects Search vendor "Code-projects" | Dormitory Management System Search vendor "Code-projects" for product "Dormitory Management System" | 1.0 Search vendor "Code-projects" for product "Dormitory Management System" and version "1.0" | - |
Affected
|