CVE-2024-3139

MEDIUM Year: 2024
CVSS v3 Score
5.4
Medium
CVSS v2 Score
5.5
Medium
Weakness Type
CWE-285
View all →

Vulnerability Description

A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function save_users of the file /classes/Users.php?f=save. The manipulation of the argument id leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-258914 is the identifier assigned to this vulnerability.

Related Vulnerabilities

CVE-2018-16086

MEDIUM
CVSS:5.4(Medium)

Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via...

CWE-2852018

CVE-2019-14870

MEDIUM
CVSS:5.4(Medium)

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clien...

CWE-2852019

CVE-2019-1842

MEDIUM
CVSS:5.4(Medium)

A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct...

CWE-2852019

CVE-2020-3267

MEDIUM
CVSS:5.4(Medium)

A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to change the availability state of any agent. The vulnerabilit...

CWE-2852020

CVE-2021-42331

MEDIUM
CVSS:5.4(Medium)

The “Study Edit” function of ShinHer StudyOnline System does not perform permission control. After logging in with user’s privilege, remote attackers can access and edit other users’ tutorial schedule...

CWE-2852021

CVE-2022-0829

MEDIUM
CVSS:5.4(Medium)

Improper Authorization in GitHub repository webmin/webmin prior to 1.990.

CWE-2852022