Serosoft Solutions Academia SIS EagleR Incorrect Access Control Vulnerability Allowing User Account Modification

Vulnerability

A vulnerability exists in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR version 1.0.118 due to incorrect access control in the staff resource creation endpoint. This flaw allows unauthorized users to create and modify user accounts, including those of administrators.

Impact

Exploitation of this vulnerability could lead to unauthorized creation and modification of user accounts, potentially allowing for elevated privileges if an administrator account is altered.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 5.2
remediation: 0.0
relevance: 0.0
threat: 0.1
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.