A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/?page=user/list. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-230362 is the identifier assigned to this vulnerability.
References
Link | Resource |
---|---|
https://medium.com/@akashpandey380/lost-and-found-information-system-v1-0-idor-cve-2023-977966c4450d | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.230362 | Third Party Advisory |
https://vuldb.com/?id.230362 | Third Party Advisory |
Configurations
History
20 Dec 2023, 01:37
Type | Values Removed | Values Added |
---|---|---|
CWE | ||
References | (MISC) https://medium.com/@akashpandey380/lost-and-found-information-system-v1-0-idor-cve-2023-977966c4450d - Exploit, Third Party Advisory |
07 Nov 2023, 04:17
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-284 |
23 Oct 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CWE |
25 Sep 2023, 16:46
Type | Values Removed | Values Added |
---|---|---|
First Time |
Oretnom23
Oretnom23 lost And Found Information System |
|
CPE | cpe:2.3:a:oretnom23:lost_and_found_information_system:1.0:*:*:*:*:*:*:* |
07 Jun 2023, 02:33
Type | Values Removed | Values Added |
---|---|---|
First Time |
Lost And Found Information System Project
Lost And Found Information System Project lost And Found Information System |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
References | (MISC) https://vuldb.com/?ctiid.230362 - Third Party Advisory | |
References | (MISC) https://vuldb.com/?id.230362 - Third Party Advisory | |
References | (MISC) https://medium.com/@akashpandey380/lost-and-found-information-system-v1-0-idor-cve-2023-977966c4450d - Exploit | |
References | (MISC) http://packetstormsecurity.com/files/172653/Lost-And-Found-Information-System-1.0-Broken-Access-Control-Privilege-Escalation.html - Exploit, Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:a:lost_and_found_information_system_project:lost_and_found_information_system:1.0:*:*:*:*:*:*:* |
31 May 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
31 May 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-05-31 15:15
Updated : 2024-05-17 02:27
NVD link : CVE-2023-3018
Mitre link : CVE-2023-3018
CVE.ORG link : CVE-2023-3018
JSON object : View
Products Affected
oretnom23
- lost_and_found_information_system
CWE
CWE-284
Improper Access Control