HIGH🇵🇱 Wersja polska

CVE-2023-49979

CVSS 7.5v3.1pub. 2024-03-21upd. 2025-03-05

A directory listing vulnerability in Customer Support System v1 allows attackers to list directories and sensitive files within the application without requiring authorization.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Mayurik Best Student Management System

    APP
    Mayurik
    1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-60316CRITICAL9.4PL ✓ten sam vendor

SQL Injection w Pet Grooming Management Software via parametr ID

CVE-2023-44755CRITICAL9.8PL ✓ten sam vendor

SQL Injection w Sacco Management System przez parametr password

CVE-2025-1871CRITICAL9.3PL ✓ten sam vendor

SQL Injection w 101news – parametry category i subcategory

CVE-2025-1869CRITICAL9.3PL ✓ten sam vendor

SQL Injection w 101news — podatność w parametrze 'username'

CVE-2025-1870CRITICAL9.3PL ✓ten sam vendor

SQL Injection w 101news (Mayurik Best Online News Portal) via parametr pagedescription