CVE-2024-55232

MEDIUM Year: 2024
CVSS v3 Score
5.4
Medium
Weakness Type
CWE-290
View all →

Vulnerability Description

An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to delete notes belonging to other accounts due to missing authorization checks. This flaw enables attackers to delete another user's information.

Related Vulnerabilities

CVE-2018-8153

MEDIUM
CVSS:5.4(Medium)

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Spoofing Vulnerability." This affects Microsof...

CWE-2902018

CVE-2020-1331

MEDIUM
CVSS:5.4(Medium)

A spoofing vulnerability exists when System Center Operations Manager (SCOM) does not properly sanitize a specially crafted web request to an affected SCOM instance, aka 'System Center Operations Mana...

CWE-2902020

CVE-2021-41130

MEDIUM
CVSS:5.4(Medium)

Extensible Service Proxy, a.k.a. ESP is a proxy which enables API management capabilities for JSON/REST or gRPC API services. ESPv1 can be configured to authenticate a JWT token. Its verified JWT clai...

CWE-2902021

CVE-2023-27964

MEDIUM
CVSS:5.4(Medium)

An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 5E133. When your headphones are seeking a connection request to one of your previou...

CWE-2902023

CVE-2024-21494

MEDIUM
CVSS:5.4(Medium)

All versions of the package github.com/greenpau/caddy-security are vulnerable to Authentication Bypass by Spoofing via the X-Forwarded-For header due to improper input sanitization. An attacker can sp...

CWE-2902024