CVE-2023-7058

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 22, 2023

Updated: May 17, 2024

CWE ID 24

Summary

CVE-2023-7058 is a critical vulnerability affecting the SourceCodester Simple Student Attendance System 1.0. An attacker can exploit an unknown functionality to launch a remote path traversal attack by manipulating the argument page, specifically using the '../filedir' command. This vulnerability allows the attacker to access unintended directories, potentially leading to data exposure or unauthorized system access. The exploit for this vulnerability has been disclosed to the public, increasing the risk of exploitation. The Vulnerability Database has assigned the identifier VDB-248749 to this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t4am8r
https://www.cve.org/CVERecord?id=CVE-2023-7058
https://nvd.nist.gov/vuln/detail/CVE-2023-7058

Back to Vulnerability Database

CVE-2023-7058

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations