PT-2023-32856 · Unknown · Phpgurukul Online Notes Sharing System
Dhabaleshwar
·
Published
2023-12-22
·
Updated
2024-05-17
·
CVE-2023-7055
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
PHPGurukul Online Notes Sharing System version 1.0
Description
A problematic vulnerability has been found in the Contact Information Handler component of the PHPGurukul Online Notes Sharing System. The issue is related to the manipulation of the
mobilenumber argument, which leads to improper access controls. This can be exploited remotely. The exploit has been disclosed to the public.Recommendations
For PHPGurukul Online Notes Sharing System version 1.0, consider restricting access to the
/user/profile.php file until a patch is available. As a temporary workaround, avoid using the mobilenumber argument in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Improper Access Control
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Phpgurukul Online Notes Sharing System