PT-2023-31439 · Unknown · Student Result Management System

Geraldo Alcântara

Publicado

2023-12-20

Atualizado

2024-08-07

CVE-2023-49980

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Best Student Result Management System version 1.0

Description A directory listing issue allows attackers to list directories and sensitive files within the application without requiring authorization.

Recommendations For Best Student Result Management System version 1.0, restrict access to sensitive directories and files to prevent unauthorized listing. Consider implementing proper access controls to mitigate the risk of exploitation.

Exploit

Correção

Missing Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-862

Identificadores relacionados

CVE-2023-49980

Produtos afetados

Student Result Management System

PT-2023-31439 · Unknown · Student Result Management System

CVE-2023-49980

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5