CodeAstro Online Railway Reservation System vuln exposes sensitive information through directory listing
CVE-2024-7912

5.3MEDIUM

Key Information:

Vendor: CodeAstro
Status: Online Railway Reservation System
Vendor: CVE Published:; 18 August 2024

What is CVE-2024-7912?

A vulnerability was found in CodeAstro Online Railway Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/assets/. The manipulation leads to exposure of information through directory listing. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

References

https://vuldb.com/?id.275038

https://vuldb.com/?ctiid.275038

https://vuldb.com/?submit.391658

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 18, 2024

JSON