CVE-2024-12305 | Unifiedtransform up to 2.0 MarkController.php student_id authorization

Inserito da Angelo Barbosa | Dic 9, 2024 | CVE

A vulnerability classified as problematic has been found in Unifiedtransform up to 2.0. Affected is an unknown function of the file MarkController.php. The manipulation of the argument student_id leads to authorization bypass.

This vulnerability is traded as CVE-2024-12305. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-12305 | Unifiedtransform up to 2.0 MarkController.php student_id authorization

Post correlati

CVE-2024-20272 | Cisco Unity Connection unrestricted upload (cisco-sa-cuc-unauth-afu-FROYsCsD)

CVE-2024-22032 | Rancher RKE1 Encryption Config credentials storage

CVE-2023-7187 | Totolink N350RT 9.3.5u.6139_B20201216 HTTP POST Request cstecgi.cgi stack-based overflow

CVE-2024-1424 | GiveWP Plugin up to 3.5.1 on WordPress cross site scripting