Published: 25/11/2022 Updated: 29/11/2022

CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8

VMScore: 0

Subscribe to Phpgurukul Blood Donor Management System Project

PHPGurukul Blood Donor Management System 1.0 does not properly restrict access to admin/dashboard.php, which allows malicious users to access all data of users, delete the users, add and manage Blood Group, and Submit Report.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phpgurukul blood donor management system project phpgurukul blood donor management system 1.0

Authenticated Vertical Privilege Escalation Vulnerability in Blood Donor Management System

CVE-2022-38813 Veritical Privilege Escalation via user parameter in Blood Donor Management System Using Codeigniter v 10 Technical description: Blood Donor Management System 10 does not properly restrict access to admin/dashboardphp, which allows attackers to access all data of users, delete the users, add and manage Blood Group, and Submit Report Affected components - Sou

CWE-668 https://drive.google.com/file/d/1iMswKzoUvindXUGh1cuAmi-0R84tLDaH/view?usp=sharing https://ihexcoder.wixsite.com/secresearch/post/cve-2022-38813-privilege-escalations-in-blood-donor-management-system-v1-0 https://github.com/RashidKhanPathan/CVE-2022-38813 https://phpgurukul.com/blood-donor-management-system-using-codeigniter https://nvd.nist.gov https://github.com/RashidKhanPathan/CVE-2022-38813

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-38813

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect