CVE-2023-3599 MEDIUM

CVE-2023-3599: SourceCodester Best Fee Management System Add User admin_class.php save_user access control

Vendor Sourcecodester

Product Best Fee Management System

Weakness CWE-264

Published July 10, 2023

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

6.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability was found in SourceCodester Best Fee Management System 1.0. It has been rated as critical. Affected by this issue is the function save_user of the file admin_class.php of the component Add User Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-233450 is the identifier assigned to this vulnerability.

Key dates

02Disclosure timeline

July 10, 2023 CVE published

August 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-3599

Related vulnerabilities

CVE-2023-3599: SourceCodester Best Fee Management System Add User admin_class.php save_user access control

01Description

02Disclosure timeline

03References

04Related CVE