A vulnerability was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. It has been rated as critical. This issue affects some unknown processing of the file /doc.html. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
History

Thu, 02 Jan 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 02 Jan 2025 13:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. It has been rated as critical. This issue affects some unknown processing of the file /doc.html. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Title Beijing Yunfan Internet Technology Yunfan Learning Examination System doc.html improper authorization
Weaknesses CWE-266
CWE-285
References
Metrics cvssV2_0

{'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:N/A:N'}

cvssV3_0

{'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2025-01-02T13:00:15.272Z

Updated: 2025-01-02T16:20:19.858Z

Reserved: 2025-01-01T11:31:29.255Z

Link: CVE-2024-13109

cve-icon Vulnrichment

Updated: 2025-01-02T16:20:09.253Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-01-02T13:15:07.203

Modified: 2025-01-02T17:15:08.073

Link: CVE-2024-13109

cve-icon Redhat

No data.