CVE-2023-31704 — Incorrect Authorization in Online Computer AND Laptop Store

CWE-863 — Incorrect Authorization4 documents4 sources

Severity

9.8CRITICALNVD

EPSS

1.5%

top 18.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oretnom23 Online Computer AND Laptop Store

Timeline

PublishedJul 13

Description

Sourcecodester Online Computer and Laptop Store 1.0 is vulnerable to Incorrect Access Control, which allows remote attackers to elevate privileges to the administrator's role.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

▶NVDoretnom23/online_computer_and_laptop_store1.0

🔴Vulnerability Details

CVEList

CVE-2023-31704: Sourcecodester Online Computer and Laptop Store 1↗2023-07-13

▶

GHSA

GHSA-rg52-xrwc-xm79: Sourcecodester Online Computer and Laptop Store 1↗2023-07-13

▶

📋Vendor Advisories

VMware

VMware vRealize Log Insight latest updates address multiple security vulnerabilities (CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, CVE-2022-31711)↗2023-01-24

▶