Vulnerability in Kabir-m-alhasan Student_management_system

CVE-2023-3007

A vulnerability was found in ningzichun Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file resetPassword.php of the component Password Reset Handler. The manipulat…

EPSS: 0.010 (59.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L.

Affected products

Weakness classification (CWE)

References

  • cna@vuldb.com (Permissions Required, technical-description, VDB Entry, Third Party Advisory, vdb-entry)
  • cna@vuldb.com (signature, Permissions Required, permissions-required, VDB Entry, Third Party Advisory)
  • cna@vuldb.com (exploit, broken-link, Broken Link)

Frequently asked questions

What is CVE-2023-3007?
CVE-2023-3007 is a medium-severity vulnerability in Kabir-m-alhasan Student_management_system, classified under Weak Password Recovery Mechanism for Forgotten Password. CVSS score: 6.5/10. Published 2023-05-31.
How severe is CVE-2023-3007?
Medium severity. CVSS v3 base score is 6.5 out of 10.