CVE-2025-15213
Improper Authorization in Student File Management System Download Handler
Publication date: 2025-12-30
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| code-projects | student_file_management_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Student File Management System 1.0, specifically in the /download.php file's File Download Handler component. It involves improper authorization caused by manipulation of the 'store_id' argument, allowing an attacker to potentially access files they should not be authorized to download. The attack can be performed remotely and the exploit has been publicly disclosed.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized access to files within the Student File Management System, potentially exposing sensitive or restricted information. Since the attack can be carried out remotely, it increases the risk of data leakage or unauthorized data exposure without requiring physical access to the system.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows unauthorized access to sensitive files due to improper authorization checks, which could lead to exposure of personal or sensitive data. This unauthorized data access may result in non-compliance with data protection regulations such as GDPR or HIPAA, which require strict controls on access to personal and sensitive information. However, no specific details on compliance impact are provided in the resources. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring HTTP requests to the /download.php endpoint for manipulation of the 'store_id' parameter. You can look for unusual or unauthorized access patterns where 'store_id' values are used to access files not belonging to the authenticated user. A suggested command to detect such attempts using command-line tools like curl or wget is to perform HTTP GET requests with different 'store_id' values and observe if unauthorized files are accessible. For example: curl -i 'http://target/download.php?store_id=some_value'. Additionally, network monitoring tools or web application firewalls can be configured to alert on suspicious requests to /download.php with varying 'store_id' parameters. Google Dorking with queries like 'inurl:download.php' can help identify vulnerable targets externally. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the /download.php endpoint and implementing proper authorization checks to validate the 'store_id' parameter against the authenticated user's permissions. Since no known countermeasures or patches are reported, it is recommended to replace the affected software with an alternative product that does not have this vulnerability. Additionally, monitoring and logging access to sensitive files and limiting user privileges can help reduce risk until a secure fix is applied. [2]