Sourcecodester · Sourcecodester Alumni Management System · CVE-2025-13468
**Name of the Vulnerable Software and Affected Versions**
SourceCodester Alumni Management System version 1.0
**Description**
SourceCodester Alumni Management System contains a missing authorization weakness in its Delete Handler component. The affected functions are `delete forum`, `delete career`, `delete comment`, `delete gallery`, and `delete event` in the `admin/admin class.php` file. Manipulating the `ID` argument can lead to unauthorized actions. The exploit is publicly available.
**Recommendations**
Apply a fix to address the missing authorization in the `delete forum`, `delete career`, `delete comment`, `delete gallery`, and `delete event` functions of the `admin/admin class.php` file.
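The sketch below is an added example, not code from the project or from this advisory. It shows the shape of such a fix: a delete handler with no authorization check beside one that authenticates the caller, validates the `ID`, and authorizes against the target row. The class, method names, session keys (`user_id`, `role`), the owner-or-admin policy, and the in-memory store are all assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical handler; $store is a constructed in-memory stand-in for the DB tables.
final class DeleteHandler
{
    public function __construct(private array $store) {}

    // Before: no authorization. Whoever reaches the handler deletes
    // whatever row the supplied ID points at.
    public function deleteUnchecked(string $table, $id): bool
    {
        unset($this->store[$table][(int) $id]);
        return true;
    }

    // After: authenticate, validate the ID, then authorize against the row.
    // Returns an HTTP-style status code (assumed convention).
    public function deleteChecked(array $session, string $table, $id): int
    {
        if (empty($session['user_id'])) {
            return 401; // no authenticated session
        }
        $id = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
        if ($id === false || !isset($this->store[$table][$id])) {
            return 404; // malformed or unknown ID
        }
        $isAdmin = ($session['role'] ?? '') === 'admin';
        $isOwner = $this->store[$table][$id]['owner'] === (int) $session['user_id'];
        if (!$isAdmin && !$isOwner) {
            return 403; // authenticated, but not permitted to delete this row
        }
        unset($this->store[$table][$id]);
        return 200;
    }

    public function has(string $table, int $id): bool
    {
        return isset($this->store[$table][$id]);
    }
}

// Constructed sample data: one comment owned by user 7.
$h = new DeleteHandler(['comment' => [1 => ['owner' => 7]]]);
var_dump($h->deleteChecked([], 'comment', '1'));                                   // anonymous caller
var_dump($h->deleteChecked(['user_id' => 9, 'role' => 'alumni'], 'comment', '1')); // other user
var_dump($h->has('comment', 1));                                                   // row still present?
var_dump($h->deleteChecked(['user_id' => 7, 'role' => 'alumni'], 'comment', '1')); // owner
```

The authorization decision must be made server-side on every delete path; hiding the delete control in the UI does not protect the handler.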