CVE-2024-55058

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
17/12/2024
Last modified:
27/03/2025

Description

An insecure direct object reference (IDOR) vulnerability was discovered in PHPGurukul Online Birth Certificate System v1.0. This vulnerability resides in the viewid parameter of /user/view-application-detail.php. Authenticated users can exploit this flaw by manipulating the viewid parameter in the URL to access sensitive birth certificate details of other users without proper authorization checks.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:phpgurukul:online_birth_certificate_system:1.0:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools