Kashipara Hotel Management System Vulnerable to Incorrect Access Control
CVE-2024-42776
7.2HIGH
Key Information:
- Status
- Vendor
- CVE Published:
- 22 August 2024
What is CVE-2024-42776?
The Kashipara Hotel Management System version 1.0 contains an access control vulnerability that compromises user data security. Specifically, the /admin/users.php endpoint allows for incorrect access control, enabling unauthorized users to view sensitive user data without proper authentication or authorization. Organizations utilizing this version of the software should evaluate their security measures to mitigate potential data breaches linked to this vulnerability.