Unauthenticated Access Control Vulnerability: Delete Valid Playlist Entries
CVE-2024-42797

9.8CRITICAL

Key Information:

Vendor: Kashipara Music Management System
Status: Music Management System
Vendor: CVE Published:; 25 September 2024

🔔 Create Kashipara Music Management System Vulnerability Alert

What is CVE-2024-42797?

A vulnerability in Kashipara Music Management System v1.0 allows unauthorized users to perform an action intended for authenticated users. Specifically, this weakness is present in the /music/ajax.php script that handles playlist management. An unauthenticated attacker can exploit this issue to delete existing music playlists, leading to potential data loss and disruption of service. It is crucial for users to apply necessary patches and monitor their systems for unauthorized access attempts.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/takekaramey/CVE_Writeup/blob/main/Kash...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 25, 2024

JSON

Kashipara Music Management System

What is CVE-2024-42797?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.