Critical Vulnerability Found in SourceCodester Simple Online Bidding System

CVE-2024-7799

7.3HIGH

Key Information

Vendor: Sourcecodester
Status: Simple Online Bidding System
Vendor: CVE Published:; 15 August 2024

Summary

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /simple-online-bidding-system/bidding/admin/users.php. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Affected Version(s)

Simple Online Bidding System = 1.0

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: null to: 5.3 - (MEDIUM)
Aug 15, 2024
Vulnerability published.
Aug 15, 2024
VulDB entry last update
Aug 14, 2024
VulDB entry created
Aug 14, 2024
Advisory disclosed
Aug 14, 2024

Collectors

NVD DatabaseMitre Database

Credit

Wsstiger (VulDB User)