CVE-2024-0350

CWE-613 — Insufficient Session Expiration3 documents3 sources

Severity

6.5MEDIUM

EPSS

0.1%

top 82.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sourcecodester Engineers Online Portal Engineers Online Portal Project Engineers Online Portal

Timeline

PublishedJan 9

Latest updateJan 10

Description

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to session expiration. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. VDB-250118 is the identifier assigned to this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 1.6 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5sourcecodester/engineers_online_portal1.0

▶NVDengineers_online_portal_project/engineers_online_portal1.0

🔴Vulnerability Details

GHSA

GHSA-c3w2-9vqm-66r7: A vulnerability was found in SourceCodester Engineers Online Portal 1↗2024-01-10

▶

CVEList

SourceCodester Engineers Online Portal session expiration↗2024-01-09

▶