Improper Access Control in PHPGurukul Online Notes v1.0 (Contact Info)
CVE-2023-7055 Published on December 22, 2023
PHPGurukul Online Notes Sharing System Contact Information profile.php access control
A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing System 1.0. Affected is an unknown function of the file /user/profile.php of the component Contact Information Handler. The manipulation of the argument mobilenumber leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-248742 is the identifier assigned to this vulnerability.
Timeline
Advisory disclosed
VulDB entry created
VulDB entry last update
Weakness Type
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2023-7055 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2023-7055
Want to know whenever a new CVE is published for PHPGurukul Online Notes Sharing System? stack.watch will email you.
Affected Versions
PHPGurukul Online Notes Sharing System Version 1.0 is affected by CVE-2023-7055Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.