WRITEUP

WRITEUP

Exploit for CVE-2026-1141 - Phpgurukul News Portal - Improper Authorization

AI Analysis

The repository provides a detailed technical analysis of CVE-2026-1141, a broken access control vulnerability in the News Portal Project by PHPGurukul. It explains how sub-admin users can escalate privileges by accessing an admin-only endpoint due to missing server-side authorization checks.

Attack Type

auth_bypass

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

Loading exploit code...

Download ZIP Password: eip

Source

Platform Writeup

Type poc

Files 4

https://github.com/Asim-QAZi/BrokenAccessControl-News-Portal-Project-in-PHP-and-MySQL-in-PHPGurukul

Authors

Mo Asim Asim Qazi

Vulnerability

CVE-2026-1141

Phpgurukul News Portal - Improper Authorization

MEDIUM

CVSS 6.3