CVE-2024-55058

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Dec 17, 2024

Updated: Dec 18, 2024

CWE ID 706

Summary

CVE-2024-55058 is a newly discovered vulnerability in the PHPGurukul Online Birth Certificate System v1.0. This issue involves an insecure direct object reference (IDOR) in the /user/view-application-detail.php file. Authenticated users can exploit this IDOR vulnerability by manipulating the viewid parameter in the URL, allowing unauthorized access to sensitive birth certificate details belonging to other users. This flaw poses a significant risk to user privacy and security, emphasizing the importance of proper authorization checks in web applications.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1TtyQ7
https://www.cve.org/CVERecord?id=CVE-2024-55058
https://nvd.nist.gov/vuln/detail/CVE-2024-55058

Back to Vulnerability Database

CVE-2024-55058

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations