imvks786 Student Management System Improper Authorization Vulnerability in Student Deletion Endpoint

Vulnerability

A broken access control vulnerability has been identified in the imvks786 student_management_system, affecting versions prior to commit 9599b560ad3c3b83e75d328b76bedcd489ef1f46. The issue resides in the student deletion endpoint in the file see.php. The vulnerability allows users with only VIEW permissions to delete student records by manipulating the del parameter: the deletion is executed before the system verifies the user's authorization level, so the later check cannot prevent the unauthorized record removal. The vulnerability can be exploited remotely and has been publicly disclosed.

Impact

Exploitation of this vulnerability allows users with VIEW permissions to delete student records, bypassing proper authorization checks.

Reproduction

To reproduce this vulnerability, log in as a user with VIEW permissions, such as the default admin1/admin account. After obtaining a valid session cookie, send a GET request to see.php with the del parameter set to the ID of a student record. The response will confirm the deletion, and the record count will reflect the removed entry.
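The ordering defect described above, as an added illustration in PHP that is not code from student_management_system: a minimal handler that deletes before checking the role, beside a corrected handler that authorizes first. The `students` table, the session keys `role` and `csrf`, and the in-memory SQLite rows are all assumptions constructed for the demo.

```php
<?php
// Added illustration of the ordering defect, not code from student_management_system.
// Assumptions: a `students` table, a session array with 'role' ('ADMIN' or 'VIEW')
// and 'csrf'; the demo uses an in-memory SQLite database with constructed rows.

// Vulnerable ordering: the DELETE runs before the role is checked, so the
// check only decides what message a VIEW user sees after the record is gone.
function delete_student_vulnerable(PDO $pdo, array $get, array $session): string
{
    if (isset($get['del'])) {
        $stmt = $pdo->prepare('DELETE FROM students WHERE id = ?');
        $stmt->execute([(int) $get['del']]);
    }
    if (($session['role'] ?? '') !== 'ADMIN') {
        return 'view only';           // too late: the row was already deleted
    }
    return 'deleted';
}

// Hardened ordering: authorize first, refuse GET for a destructive action,
// verify a CSRF token, validate the id, and only then touch the database.
function delete_student_hardened(PDO $pdo, string $method, array $post, array $session): string
{
    if (($session['role'] ?? '') !== 'ADMIN') {
        return 'forbidden';
    }
    if ($method !== 'POST') {
        return 'method not allowed';
    }
    if (!isset($post['csrf'], $session['csrf']) || !hash_equals((string) $session['csrf'], (string) $post['csrf'])) {
        return 'bad csrf token';
    }
    $id = filter_var($post['del'] ?? '', FILTER_VALIDATE_INT);
    if ($id === false) {
        return 'invalid id';
    }
    $stmt = $pdo->prepare('DELETE FROM students WHERE id = ?');
    $stmt->execute([$id]);
    return $stmt->rowCount() === 1 ? 'deleted' : 'not found';
}

// Demo with constructed data: a VIEW-only session tries each handler once.
$pdo = new PDO('sqlite::memory:');
$pdo->exec('CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO students VALUES (1, 'Ada'), (2, 'Linus')");
$viewer = ['role' => 'VIEW', 'csrf' => 'constructed-token'];

echo delete_student_vulnerable($pdo, ['del' => '1'], $viewer), "\n";
echo 'rows left: ', $pdo->query('SELECT COUNT(*) FROM students')->fetchColumn(), "\n";
echo delete_student_hardened($pdo, 'GET', ['del' => '2'], $viewer), "\n";
echo 'rows left: ', $pdo->query('SELECT COUNT(*) FROM students')->fetchColumn(), "\n";
```

Run with `php` (the pdo_sqlite extension is required); the row count drops after the vulnerable handler even though the viewer is told "view only", and stays unchanged after the hardened one.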

Added: Jun 8, 2026, 6:15 PM
Updated: Jun 8, 2026, 6:15 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 6.6
remediation: 0.0
relevance: 9.4
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.