PT-2024-16071 · Unknown · Phpgurukul Boat Booking System
Jadu101
·
Published
2024-10-19
·
Updated
2024-10-22
·
CVE-2024-10158
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
PHPGurukul Boat Booking System version 1.0
Description
A problematic vulnerability has been found in the PHPGurukul Boat Booking System, affecting the
session start function. This issue leads to session fixation and can be exploited remotely. The exploit has been publicly disclosed and may be used.Recommendations
For PHPGurukul Boat Booking System version 1.0, consider disabling the
session start function as a temporary workaround until a patch is available. Restrict access to the system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Session Fixation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Phpgurukul Boat Booking System