SourceCodester Online Graduate Tracer System session expiration
CVE-2023-1854

4.7MEDIUM

Key Information:

Vendor

Sourcecodester
Status
Online Graduate Tracer System
Vendor
CVE Published:
5 April 2023

What is CVE-2023-1854?

A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file admin/. The manipulation leads to session expiration. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-224994 is the identifier assigned to this vulnerability.

Affected Version(s)

Online Graduate Tracer System 1.0

References

https://vuldb.com/?id.224994
vdb-entrytechnical-description
https://vuldb.com/?ctiid.224994
signaturepermissions-required
https://github.com/Jlan45/OGTSFCOIA/blob/main/unauthorize...
exploit

CVSS V3.1

Score:
4.7
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

J1an (VulDB User)
.
CVE-2023-1854 : SourceCodester Online Graduate Tracer System session expiration