CNNVD-202601-3074 Information

CNNVD ID

CNNVD-202601-3074

Related CVE

CVE-2026-1141

• CNNVD Published: 2026-01-19

Description (Chinese)

PHPGurukul News Portal是PHPGurukul公司的一个新闻门户网站。 PHPGurukul News Portal 1.0版本存在授权问题漏洞，该漏洞源于对文件/admin/add-subadmins.php的错误操作，可能导致授权不当。

Description (English)

PHPGurukul News Portal is a news portal for PHPGurukul. Version 1.0 of PHPGurukul News Portal has a mandate gap that stems from a mishandling of the document/admin/add-subadmins.php, which may lead to inappropriate authorization.

Hazard Level

High

Vulnerability Type

授权问题

Affected Vendor

PHPGurukul

Published

2026-01-19

Last Modified

2026-02-24

References

https://vuldb.com/?submit.735483 https://github.com/Asim-QAZi/BrokenAccessControl-News-Portal-Project-in-PHP-and-MySQL-in-PHPGurukul https://vuldb.com/?ctiid.341733 https://phpgurukul.com/ https://vuldb.com/?id.341733 https://access.redhat.com/security/cve/cve-2026-1141