CVE-2023-1769 — Sensitive Information Exposure in Grade Point Average GPA Calculator

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

7.5HIGHNVD

CNA4.3

EPSS

0.2%

top 63.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sourcecodester Grade Point Average GPA Calculator Grade Point Average Calculator Project Grade Point Average Calculator

Timeline

PublishedMar 31

Description

A vulnerability, which was classified as problematic, was found in SourceCodester Grade Point Average GPA Calculator 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument page with the input php://filter/read=convert.base64-encode/resource=grade_table leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-224670 is the identifier assigned to this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5sourcecodester/grade_point_average_gpa_calculator1.0

▶NVDgrade_point_average_calculator_project/grade_point_average_calculator1.0

🔴Vulnerability Details

CVEList

SourceCodester Grade Point Average GPA Calculator index.php information disclosure↗2023-03-31

▶

GHSA

GHSA-g874-7753-4g62: A vulnerability, which was classified as problematic, was found in SourceCodester Grade Point Average GPA Calculator 1↗2023-03-31

▶