SourceCodester Alumni Management System Delete admin_class.php delete_event authorization_CVE-2025-13468

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A weakness has been identified in SourceCodester Alumni Management System 1.0. This issue affects the function delete_forum/delete_career/delete_comment/delete_gallery/delete_event of the file admin/admin_class.php of the component Delete Handler. Executing manipulation of the argument ID can lead to missing authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited.

Basic Information

ID CVE-2025-13468

Source VulDB

Published Nov 20, 2025 at 13:32

Modified Nov 20, 2025 at 18:33

Affected Product

Vendor SourceCodester

Product Alumni Management System

Version 1.0

Affected Versions SourceCodester Alumni Management System 1.0

CWE Classification

CWE-862 CWE-863

References

{
    "lastseen": "",
    "description": "A weakness has been identified in SourceCodester Alumni Management System 1.0. This issue affects the function delete_forum/delete_career/delete_comment/delete_gallery/delete_event of the file admin/admin_class.php of the component Delete Handler. Executing manipulation of the argument ID can lead to missing authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited.",
    "published": "2025-11-20T13:32:08.236Z",
    "modified": "2025-11-20T18:33:51.514Z",
    "type": "cve",
    "title": "SourceCodester Alumni Management System Delete admin_class.php delete_event authorization",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.333041\nhttps://vuldb.com/?ctiid.333041\nhttps://vuldb.com/?submit.694826\nhttps://hackmd.io/@mlgzackfly/SourceCodester\nhttps://www.sourcecodester.com/",
    "id": "CVE-2025-13468",
    "bulletinFamily": "",
    "cwe": [
        "CWE-862",
        "CWE-863"
    ],
    "cvelist": null,
    "sourceData": "SourceCodester Alumni Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Alumni Management System",
    "version": "1.0",
    "vendor": "SourceCodester",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}