Unauthenticated Access Control Vulnerability: Delete Valid Playlist Entries
CVE-2024-42797

Currently unrated

Key Information:

Vendor: Kashipara Music Management System
Status: Music Management System
Vendor: CVE Published:; 25 September 2024

What is CVE-2024-42797?

An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to delete the valid music playlist entries.

References

https://github.com/takekaramey/CVE_Writeup/blob/main/Kash...

Timeline

Vulnerability published
Sep 25, 2024