CVE-2024-55058

Exploit

EPSS 0.23%
Veröffentlicht 17.12.2024 21:15:08
Zuletzt bearbeitet 27.03.2025 16:23:45
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An insecure direct object reference (IDOR) vulnerability was discovered in PHPGurukul Online Birth Certificate System v1.0. This vulnerability resides in the viewid parameter of /user/view-application-detail.php. Authenticated users can exploit this flaw by manipulating the viewid parameter in the URL to access sensitive birth certificate details of other users without proper authorization checks.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Phpgurukul ≫ Online Birth Certificate System Version1.0

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.23%	0.135

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-706 Use of Incorrectly-Resolved Name or Reference

The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.

https://github.com/SCR-athif/CVE/tree/main/CVE-2024-55058

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2024-55058

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-55058

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-55058

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-55058