PT-2023-31440 · Unknown · School Management System

Geraldo Alcântara

Publicado

2023-12-20

Atualizado

2024-08-05

CVE-2023-49981

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions School Fees Management System version 1.0

Description A directory listing issue allows attackers to list directories and sensitive files within the application without requiring authorization.

Recommendations For School Fees Management System version 1.0, consider restricting access to sensitive directories and files to minimize the risk of exploitation. As a temporary workaround, review and adjust the application's configuration to require proper authorization for directory listings.

Exploit

Correção

Missing Authorization

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-862CWE-200

Identificadores relacionados

CVE-2023-49981

Produtos afetados

School Management System

PT-2023-31440 · Unknown · School Management System

CVE-2023-49981

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6