Harish Kumar

5 exploits Active since Dec 2024
CVE-2024-55231 WRITEUP MEDIUM WRITEUP
PHPGurukul Online Notes Sharing Management System 1.0 - Insecure Direct Object Reference
An IDOR vulnerability in the edit-notes.php module of PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to modify notes belonging to other accounts due to missing authorization checks. This flaw exposes sensitive data and enables attackers to alter another user's information.
CVSS 4.3
CVE-2024-55232 WRITEUP MEDIUM WRITEUP
PHPGurukul Online Notes Sharing Management System 1.0 - Insecure Direct Object Reference
An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to delete notes belonging to other accounts due to missing authorization checks. This flaw enables attackers to delete another user's information.
CVSS 5.4
CVE-2024-55505 WRITEUP HIGH WRITEUP
CodeAstro Complaint Management System 1.0 - Privilege Escalation via mess-view.php
An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the mess-view.php component.
CVSS 8.8
CVE-2024-55506 WRITEUP HIGH WRITEUP
CodeAstro Complaint Management System v1.0 - Authorization Bypass via delete.php id Parameter
An IDOR vulnerability in CodeAstro's Complaint Management System v1.0 (version with 0 updates) enables an attacker to execute arbitrary code and obtain sensitive information via the delete.php file and modifying the id parameter.
CVSS 8.8
CVE-2024-55507 WRITEUP CRITICAL WRITEUP
CodeAstro Complaint Management System <1.0 - Privilege Escalation
An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the delete_e.php component.
CVSS 9.8