CVE-2019-11196

Name of the Vulnerable Software and Affected Versions ValuePLUS Integrated University Management System (IUMS) (affected versions not specified)

Description The issue allows unauthenticated, remote attackers to bypass authentication and gain administrator privileges through the Teachers Web Panel (TWP) by exploiting the User ID or Password field. This could enable attackers to perform actions with administrator privileges, such as enumerating or deleting students' personal information, or modifying various settings.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.