IDOR Vulnerability in PHPGurukul Online Notes Sharing Management System
CVE-2024-55232

5.4 MEDIUM

Key Information:

Vendor: PHPGurukul
CVE Published: 18 December 2024

Summary

CVE-2024-55232 is an Insecure Direct Object Reference (IDOR) vulnerability in the manage-notes.php module of PHPGurukul's Online Notes Sharing Management System version 1.0. The flaw permits unauthorized users to delete notes belonging to other accounts because authorization checks are insufficient. By exploiting this vulnerability, attackers can compromise users' data by removing vital information without detection. The issue underscores the importance of enforcing authorization on every request that acts on user-owned data.

CVSS V3.1

Score: 5.4
Severity: MEDIUM
Confidentiality: None
Integrity: Low
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published
