从这个网页截图中,可以获取到以下关于漏洞的关键信息: 1. 漏洞标题: - Title: Sourcecodester Online Exam system using Django V 1.0 Improper Access Controls 2. 漏洞描述: - Description: Title - Privilege Escalation - Steps to reproduce: 1. Login to the application as a student. 2. In the URL, change the student-dashboard to admin-dashboard. 3. The attacker can log in as an admin with low privilege and perform admin level actions. 3. CVSS Score: - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L 4. PoC Link: - PoC Link: https://drive.google.com/file/d/1hEXfbOOkWdYzaSl6ORqvPGBtn09R12Uj/view?usp=drive_link 5. 联系开发人员: - Contacted the developer, no response from them 6. 漏洞链接: - Vulnerable URL: https://www.sourcecodester.com/python/15382/online-exam-system-python-using-django-framework-free-source-code.html 7. 状态: - Status: Accepted 8. 提交时间: - Submission: 10/21/2024 07:13 PM (4 days ago) - Moderation: 10/24/2024 05:39 PM (3 days later) 这些信息详细描述了漏洞的性质、如何复现、影响程度以及提交和处理的状态。