CVE-2024-1701 — MEDIUM (5.3)

Vulnerability Description

A vulnerability has been found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit.php. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-254389 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Keerti1924	Php Mysql User Signup Login System	1.0

Related Weaknesses (CWE)

CWE-284

References

https://github.com/omarexala/PHP-MYSQL-User-Login-System---Broken-Access-ControlExploit
https://vuldb.com/?ctiid.254389Permissions Required
https://vuldb.com/?id.254389Permissions Required
https://github.com/omarexala/PHP-MYSQL-User-Login-System---Broken-Access-ControlExploit
https://vuldb.com/?ctiid.254389Permissions Required
https://vuldb.com/?id.254389Permissions Required

FAQ

What is CVE-2024-1701?

CVE-2024-1701 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A vulnerability has been found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit.php. The manipulat...

How severe is CVE-2024-1701?

CVE-2024-1701 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-1701?

Check the references section above for vendor advisories and patch information. Affected products include: Keerti1924 Php Mysql User Signup Login System.