CVE-2024-0260

A vulnerability, which was classified as problematic, was found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file change_password_teacher.php of the component Password Change. The manipulation leads to session expiration. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249816.

More information : https://mega.nz/file/yEsSwK6D#–ygVt0NtzhZdqVxvjaPLCYfnIeBSyf76KaRozOxfVo

Attack vector : NETWORK
Attack complexity : LOW
Privileges required : NONE
User interaction : NONE
Confidentiality impact : NONE
Integrity impact : HIGH
Base score : 7.5
Base severity : HIGH
Exploitability score : 3.9
Impact score : 3.6