CVE-2024-55232

{"id": "CVE-2024-55232", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 2.5, "exploitabilityScore": 2.8}]}, "published": "2024-12-18T22:15:07.297", "references": [{"url": "https://github.com/CV1523/CVEs/blob/main/CVE-2024-55232.md", "tags": ["Exploit", "Third Party Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-290"}]}], "descriptions": [{"lang": "en", "value": "An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to delete notes belonging to other accounts due to missing authorization checks. This flaw enables attackers to delete another user's information."}, {"lang": "es", "value": "Una vulnerabilidad de IDOR en manage-notes.php module en PHPGurukul Online Notes Sharing Management System v1.0 permite que usuarios no autorizados eliminen notas pertenecientes a otras cuentas debido a la falta de comprobaciones de autorizaci\u00f3n. Esta falla permite a los atacantes eliminar la informaci\u00f3n de otro usuario."}], "lastModified": "2025-03-28T16:21:59.560", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:phpgurukul:online_notes_sharing_management_system:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "088DBBD2-4F1A-4AB7-A05C-B29801C7210F"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}