CVE Vulnerabilities

CVE-2024-55058

Use of Incorrectly-Resolved Name or Reference

Published: Dec 17, 2024 | Modified: Dec 18, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

An insecure direct object reference (IDOR) vulnerability was discovered in PHPGurukul Online Birth Certificate System v1.0. This vulnerability resides in the viewid parameter of /user/view-application-detail.php. Authenticated users can exploit this flaw by manipulating the viewid parameter in the URL to access sensitive birth certificate details of other users without proper authorization checks.

Weakness

The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.

References