CVE-2024-42795

MEDIUM

Kashipara Music Management System <1.0 - Info Disclosure

Title source: llm
STIX 2.1

Description

An Incorrect Access Control vulnerability was found in /music/view_user.php?id=3 and /music/controller.php?page=edit_user&id=3 in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to view valid user details.

References (2)

Core 2

Scores

CVSS v3 4.2
EPSS 0.0022
EPSS Percentile 12.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-284
Status published
Products (1)
lopalopa/music_management_system 1.0
Published Sep 16, 2024
Tracked Since Feb 18, 2026