CVE-2024-0351

LOW

SourceCodester Engineers Online Portal 1.0 - Info Disclosure

Title source: llm

Description

A vulnerability classified as problematic has been found in SourceCodester Engineers Online Portal 1.0. This affects an unknown part. The manipulation leads to session fixiation. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250119.

References (3)

[Permissions Required, Third Party Advisory] https://vuldb.com/?id.250119

[Permissions Required, Third Party Advisory] https://vuldb.com/?ctiid.250119

[Exploit, Third Party Advisory] https://mega.nz/file/LJlBQLhR#Ix4yNMdtVtlJFQP6Ae6fbXmnyH4bXTTAWN_JT5kzXzg

Scores

CVSS v3 3.1

EPSS 0.0005

EPSS Percentile 13.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-384

Status published

Products (1)

engineers_online_portal_project/engineers_online_portal 1.0

Published Jan 09, 2024

Tracked Since Feb 18, 2026