a4m4 Student Management System Unauthenticated Access Vulnerability in Admin Delete and Update Scripts

Vulnerability

A vulnerability exists in a4m4 Student-Management-System versions before commit f0c5f6842c5e8c431ff02b5260a565ca844df3a0. The issue is in the admin/deleteform.php file, where the handling function performs no authorization check on incoming requests. This allows unauthenticated users to delete student records remotely, potentially leading to significant data loss and integrity issues. The admin/updatedata.php script is affected in the same way, allowing unauthorized modification of student information. Because neither script validates a session, these actions can be performed anonymously, without any logging or traceability.

Impact

Exploitation of this vulnerability allows arbitrary deletion and modification of student records. Because the affected scripts perform neither authentication nor authorization, these actions can be carried out by anyone who knows the endpoint, causing severe data integrity issues and disrupting any business operation that relies on accurate student information.

Reproduction

To reproduce this vulnerability, send a GET request to the admin/deleteform.php endpoint without any session cookie. Include a student ID in the sid parameter. The server will respond with HTTP 200 OK, indicating that the request was processed successfully without any authentication checks. This same method can be used with the admin/updatedata.php script to modify student records.
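The check the affected scripts lack, as an added example that is not the a4m4 project's code: a guard that admin/deleteform.php and admin/updatedata.php would include before touching the database, refusing anonymous requests, refusing state-changing GETs, and writing an audit record so actions become traceable. The session key admin_id, the csrf_token field and the audit log path are assumptions about the application, not names taken from the project.

```php
<?php
// Added example, not code from the a4m4 project. Include at the top of
// admin/deleteform.php and admin/updatedata.php before any database work.
// 'admin_id', 'csrf_token' and the log path are assumed names for this app.
declare(strict_types=1);

function audit(string $event, string $detail): void
{
    // Append a traceable record of every accepted or refused admin action.
    $line = sprintf("%s %s %s %s %s\n", date('c'), $_SERVER['REMOTE_ADDR'] ?? '-',
        $_SERVER['REQUEST_METHOD'] ?? '-', $event, $detail);
    error_log($line, 3, __DIR__ . '/admin_audit.log'); // assumed log location
}

function require_admin_session(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION['admin_id'])) {
        audit('denied', 'no admin session for ' . ($_SERVER['REQUEST_URI'] ?? '-'));
        http_response_code(403);
        exit('Forbidden: administrator login required');
    }
}

function require_post_with_csrf(): void
{
    // Deletes and updates change state, so refuse GET and demand a token
    // bound to the session; this also blocks cross-site request forgery.
    $sent = $_POST['csrf_token'] ?? '';
    $expected = $_SESSION['csrf_token'] ?? '';
    if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST' || $expected === ''
        || !hash_equals($expected, $sent)) {
        audit('denied', 'bad method or CSRF token for ' . ($_SERVER['REQUEST_URI'] ?? '-'));
        http_response_code(403);
        exit('Forbidden');
    }
}

function student_id_from_request(): int
{
    // Accept only a positive integer sid; bind it into a prepared statement later.
    $sid = filter_input(INPUT_POST, 'sid', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($sid === null || $sid === false) {
        http_response_code(400);
        exit('Bad request: sid must be a positive integer');
    }
    return $sid;
}

// Usage at the top of admin/deleteform.php, in this order:
// require_admin_session(); require_post_with_csrf(); $sid = student_id_from_request();
// audit('delete', "sid=$sid by admin " . $_SESSION['admin_id']);
```

With the guard in place, the unauthenticated GET described above receives a 403 and a log line instead of a 200 and a deleted record.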

Added: Jun 1, 2026, 5:57 PM
Updated: Jun 1, 2026, 5:57 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 8.7
remediation: 0.0
relevance: 9.7
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.