Unauthorized Access to Personally Identifiable Information (PII) of Other Customers Due to IDOR Vulnerability
CVE-2024-51066

Currently unrated

Key Information:

Vendor: Phpgurukul
Status: Beauty Parlour Management System
Vendor: CVE Published:; 31 October 2024

Summary

An Insecure Direct Object Reference (IDOR) vulnerability in appointment-detail.php in Phpgurukul's Beauty Parlour Management System v1.1 allows unauthorized access to the Personally Identifiable Information (PII) of other customers.

References

http://phpgurukul.com

https://github.com/0x1c1ph3r/CVEs/tree/main/CVE-2024-51066

Timeline

Vulnerability published
Oct 31, 2024