Description

A vulnerability, which was classified as problematic, was found in SourceCodester Grade Point Average GPA Calculator 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument page with the input php://filter/read=convert.base64-encode/resource=grade_table leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-224670 is the identifier assigned to this vulnerability.

Related CPE's

a

grade_point_average_\(gpa\)_calculator_project

grade_point_average_\(gpa\)_calculator

1.0

Vulnerable

References

https://github.com/Pe4cefulSnow/CVE-Advisory/blob/main/README.md

Broken LinkThird Party Advisory

https://vuldb.com/?ctiid.224670

Third Party Advisory

https://vuldb.com/?id.224670

Third Party Advisory

Weaknesses

[email protected]

Primary
NVD-CWE-noinfo

[email protected]

Secondary
CWE-200

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-03-31T11:15:06.847

2 years ago

Last modified

2024-05-17T02:18:25.707

1 year ago