CVE-2024-25270 PoC — Mirapolis LMS 安全漏洞

Source

https://github.com/fbkcs/CVE-2024-25270

Associated Vulnerability

Title:Mirapolis LMS 安全漏洞 (CVE-2024-25270)
Description:Mirapolis LMS是Mirapolis公司的一个现代远程学习管理系统。 Mirapolis LMS 4.6.XX存在安全漏洞，该漏洞源于不安全的直接对象引用（IDOR），允许经过身份验证的用户通过操纵ID参数和递增STEP参数来暴露敏感用户数据。

Description

for future article of research vulnerability in MIRAPOLIS LMS

Readme

# CVE-2024-25270
for future article of research vulnerability in MIRAPOLIS LMS

Researcher: Vadim Golovanov

Issue date: 2024-01-29 (Initial Advisory)

Public release: 2024-05-XX (future after vendor response)

File Snapshot


 [4.0K]  /data/pocs/f669e3de7ead696ca7f4ef718d72970c38d17cb3
└── [ 210]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!