CVE-2024-35353 | Diño Physics School Assistant 2.3 Users.php id improper authorization

Inserito da Angelo Barbosa | Mag 30, 2024 | CVE

A vulnerability has been found in Diño Physics School Assistant 2.3 and classified as critical. This vulnerability affects unknown code of the file /classes/Users.php?f=save. The manipulation of the argument id leads to improper authorization.

This vulnerability was named CVE-2024-35353. The attack can be initiated remotely. There is no exploit available.

CVE-2024-35353 | Diño Physics School Assistant 2.3 Users.php id improper authorization

Post correlati

CVE-2023-49766 | Themefic Ultimate Addons for Contact Form 7 Plugin up to 3.2.0 on WordPress cross site scripting

CVE-2024-34906 | dootask 0.30.13 PDF File unrestricted upload

CVE-2024-35826 | Linux Kernel up to 6.1.83/6.6.23/6.7.11/6.8.2 Page Refcount __bio_release_pages memory leak

CVE-2023-49109 | Apache DolphinScheduler up to 3.2.0 code injection