CVE-2024-55058
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
17/12/2024
Last modified:
27/03/2025
Description
An insecure direct object reference (IDOR) vulnerability was discovered in PHPGurukul Online Birth Certificate System v1.0. This vulnerability resides in the viewid parameter of /user/view-application-detail.php. Authenticated users can exploit this flaw by manipulating the viewid parameter in the URL to access sensitive birth certificate details of other users without proper authorization checks.
Impact
Base Score 3.x
4.30
Severity 3.x
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:phpgurukul:online_birth_certificate_system:1.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page