CVE-2026-1141
Improper Authorization in PHPGurukul News Portal Add-Subadmins.php
Publication date: 2026-01-19
Last updated on: 2026-04-29
Assigner: VulDB
Description
CVSS Scores
EPSS Scores
| Metric | Value |
|---|---|
| Probability | |
| Percentile | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| phpgurukul | news_portal | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided resources do not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
CVE-2026-1141 is a broken access control vulnerability in PHPGurukul News Portal 1.0, specifically in the /admin/add-subadmins.php page. The vulnerability exists because the application enforces access control only at the frontend/UI level, without proper server-side authorization checks. This allows sub-admin users to bypass the UI restrictions by directly requesting the admin-only endpoint and creating additional sub-admin accounts. This leads to both horizontal privilege escalation (gaining the privileges of other sub-admins) and vertical privilege escalation (gaining higher administrative privileges). [1, 2, 3]
How can this vulnerability impact me?
This vulnerability can allow unauthorized sub-admin users to escalate their privileges by creating additional sub-admin accounts, potentially gaining full administrative control over the News Portal. This compromises the confidentiality, integrity, and availability of the system. Attackers can remotely exploit this flaw easily, potentially fully compromising the admin panel and the overall system. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for unauthorized access attempts to the endpoint /admin/add-subadmins.php. One method is to search the web server access logs for requests to this URL from non-administrator users. Additionally, Google dorking can be used to identify exposed installations by searching for `inurl:admin/add-subadmins.php`. Network monitoring tools can be configured to alert on HTTP requests to this endpoint. A specific command for this is grep on the web server logs, for example: `grep "/admin/add-subadmins.php" /var/log/apache2/access.log`. Also, HTTP 200 responses to this endpoint served to sub-admin or other unauthorized users can indicate exploitation attempts. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing strict server-side role verification on the /admin/add-subadmins.php endpoint to ensure only administrator users can access it. Unauthorized users should receive a 403 Forbidden response. If patching is not immediately possible, restrict access to this endpoint via network controls such as IP whitelisting or firewall rules. Monitoring and logging access attempts to this endpoint should be enhanced. Ultimately, replacing or updating the affected component to a version with proper authorization checks is recommended. [2]
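As an added illustration of the server-side check described above (example code written for this page, not PHPGurukul's own), a guard the add-subadmins handler would run before any other work; the session keys `user_id` and `role`, the role name `admin` and the login page path are assumptions:

```php
<?php
// Added example, not PHPGurukul News Portal code. It assumes the login code
// stores the authenticated user's id and role in the session as
// $_SESSION['user_id'] and $_SESSION['role']; adjust to the real schema.
declare(strict_types=1);

session_start();

/**
 * Abort the request unless the current session belongs to a full administrator.
 * The decision uses only server-side session state set at login, never a
 * value supplied in the request, so hiding a menu link in the UI is no longer
 * the only thing standing between a sub-admin and this endpoint.
 */
function require_admin(string $endpoint): void
{
    $userId = $_SESSION['user_id'] ?? null;
    $role   = $_SESSION['role'] ?? null;

    // Not logged in at all: send to the login page (assumed path).
    if ($userId === null) {
        header('Location: /admin/index.php', true, 302);
        exit;
    }

    // Logged in but not an administrator (e.g. a sub-admin): deny with 403
    // and record the attempt so log monitoring can pick it up.
    if ($role !== 'admin') {
        error_log(sprintf(
            'authz-denied endpoint=%s user_id=%s role=%s ip=%s',
            $endpoint,
            (string) $userId,
            (string) $role,
            $_SERVER['REMOTE_ADDR'] ?? '-'
        ));
        http_response_code(403);
        header('Content-Type: text/plain; charset=utf-8');
        echo "403 Forbidden";
        exit;
    }
}

// First statement of add-subadmins.php, before any form handling or SQL.
require_admin('/admin/add-subadmins.php');

// Existing create-sub-admin logic follows and now runs only for administrators.
```

The same guard belongs at the top of every admin-only script; checking the role only on the page that renders the admin menu is exactly the UI-level control this CVE bypasses.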