CVE-2024-55232

CVSS 5.4 MEDIUMEPSS 0.4%CWE-290

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.4EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

18 Dec 2024Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to delete notes belonging to other accounts due to missing authorization checks. This flaw enables attackers to delete another user's information.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/CV1523/CVEs/blob/main/CVE-2024-55232.md