CVE-2024-0472 LOW

CVE-2024-0472: code-projects Dormitory Management System modifyuser.php information disclosure

Vendor Code-Projects
Product Dormitory Management System
Weakness CWE-200 · Info exposure
Published January 12, 2024
Last update October 24, 2024
View on NVD All CVEs

CVSS base score

3.5/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file modifyuser.php. The manipulation of the argument mname leads to information disclosure. The exploit has been disclosed to the public and may be used. The identifier VDB-250577 was assigned to this vulnerability.

Key dates

02Disclosure timeline

January 12, 2024 CVE published
October 24, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-4837 Trust Boundary Violation Vulnerability CVE-2024-3716 Foreman-installer: candlepin database password being leaked to local users via the process list CVE-2025-12149 Unauthorized access to documents protected by Document-Level Security (DLS), when Signals watches include a search query involving protected documents CVE-2023-35625 Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability CVE-2023-25913 Authentication Bypass in Danfoss AK-SM800A