CVE-2025-46203 PoC — Unifiedtransform security vulnerability

Related vulnerability
Title: Unifiedtransform security vulnerability (CVE-2025-46203)
Description: Unifiedtransform is an open-source school management application by the individual developer Hasib Mahmud. Version 2.0 of Unifiedtransform contains a security vulnerability in the /students/edit/{id} endpoint that may lead to remote privilege escalation.

Repository description: PoC of CVE-2025-46203

Introduction
## Description

Unifiedtransform v2.0 is vulnerable to Incorrect Access Control. Any authenticated user (students and teachers included) can access and modify student records via the /students/edit/{id} endpoint, although this functionality is intended exclusively for administrative use. Exploiting this vulnerability can lead to unauthorized data manipulation and privilege escalation.

Vendor: [Unifiedtransform](https://github.com/changeweb/Unifiedtransform)


## Product

A school management software, v2.0

---

## Affected components

The access control mechanism responsible for enforcing user permissions and roles.
Route: GET /students/edit/{id}
Controller: UserController
Method: editStudents()

And all other endpoints and functionalities related to editing student profiles.

## PoC/Attack Vector

**Step 1:** Install the application as instructed in the official GitHub repository, and log in using the default admin credentials. (admin@ut.com:password)

**Step 2:** Create a school session and add both teachers and students as per the instructions provided in the repository.

**Step 3:** Log in to the application as a Teacher or Student.

**Step 4:** Navigate to the endpoint:  
/students/edit/{id}

ID=1 is reserved for the Admin.
IDs 2, 3, etc., are assigned to Teachers.
IDs following those (e.g., 4, 5, ...) are assigned to Students.
(For example, if you create 2 teachers and 2 students, then ID=2 will be Teacher 1, ID=3 will be Teacher 2, ID=4 will be Student 1, and ID=5 will be Student 2.)

**Step 5:** Change the details and click on update.
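
Read as a defender, the steps above describe two things worth codifying: the intended policy (the edit route is admin-only, and every other student-editing endpoint should be covered by an explicit rule rather than left open) and a way to check whether the open endpoint was actually used. The following Python example is added here and is not code from Unifiedtransform or from the PoC author. It models the permissive rule that produces the bug beside a hardened default-deny rule set, and replays constructed log lines against the hardened policy to list requests that were served but should have been refused. The log line format, the role names and the user IDs are assumptions; the IDs follow the numbering described in Step 4.

```python
"""Role-based, default-deny route authorization with a retroactive log check.

Added example for this write-up; it is not code from Unifiedtransform and does
not use the project's API. Role names ('admin', 'teacher', 'student') and the
log line format are constructed assumptions for the demonstration.
"""
import re
from typing import Dict, List, Optional, Tuple

# Route patterns use {name} placeholders. Only listed routes are reachable at
# all; anything not listed is denied (default deny). A value of None means
# "any authenticated user", which is exactly the permissive shape that lets a
# student or teacher reach the admin-only edit page.
PERMISSIVE_POLICY: Dict[Tuple[str, str], Optional[set]] = {
    ("GET", "/students/edit/{id}"): None,
    ("GET", "/students/{id}"): None,
}

# Hardened: the edit route is restricted to admins, as the advisory intends.
HARDENED_POLICY: Dict[Tuple[str, str], Optional[set]] = {
    ("GET", "/students/edit/{id}"): {"admin"},
    ("GET", "/students/{id}"): {"admin", "teacher", "student"},
}


def _compile(pattern: str) -> "re.Pattern[str]":
    """Turn '/students/edit/{id}' into an anchored regex; {id} matches one path segment."""
    parts = re.split(r"\{\w+\}", pattern)
    return re.compile("^" + "[^/]+".join(re.escape(p) for p in parts) + "$")


def authorize(policy: Dict[Tuple[str, str], Optional[set]],
              method: str, path: str, role: str) -> bool:
    """Return True only if an explicit rule matches the request and permits this role."""
    for (rule_method, rule_pattern), roles in policy.items():
        if rule_method == method and _compile(rule_pattern).match(path):
            return roles is None or role in roles
    return False  # default deny: unlisted routes are never reachable


# Constructed application log format (assumption): timestamp, authenticated
# user id and role, HTTP method, path, response status.
LOG_LINE = re.compile(
    r"^(?P<ts>\S+) user_id=(?P<uid>\d+) role=(?P<role>\w+) "
    r"(?P<method>[A-Z]+) (?P<path>\S+) (?P<status>\d{3})$"
)

# Constructed sample: ID 1 is the admin, 2-3 teachers, 4-5 students.
SAMPLE_LOG = [
    "2025-05-01T10:02:11Z user_id=1 role=admin GET /students/edit/5 200",
    "2025-05-01T10:03:40Z user_id=4 role=student GET /students/edit/5 200",
    "2025-05-01T10:04:02Z user_id=2 role=teacher GET /students/edit/4 200",
    "2025-05-01T10:05:19Z user_id=5 role=student GET /students/5 200",
    "2025-05-01T10:06:00Z user_id=5 role=student GET /students/edit/4 403",
    "2025-05-01T10:06:30Z user_id=3 role=teacher GET /admin/settings 200",
]


def find_violations(log_lines: List[str],
                    policy: Dict[Tuple[str, str], Optional[set]] = HARDENED_POLICY) -> List[dict]:
    """Replay logged requests against the intended policy.

    A request the application answered with 2xx that the policy would have
    denied is a past access-control failure worth investigating.
    """
    hits = []
    for line in log_lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # unparseable line; skip rather than guess
        status = int(m["status"])
        allowed = authorize(policy, m["method"], m["path"], m["role"])
        if not allowed and 200 <= status < 300:
            hits.append({"ts": m["ts"], "user_id": int(m["uid"]),
                         "role": m["role"], "path": m["path"]})
    return hits


if __name__ == "__main__":
    for hit in find_violations(SAMPLE_LOG):
        print(f"{hit['ts']} user {hit['user_id']} ({hit['role']}) reached {hit['path']}")
```

The replay flags the student and teacher who reached /students/edit/{id} with a 200, and also the teacher who reached an unlisted admin path, while the request that was already refused with 403 is left alone. The same `authorize` function is what the application should call before rendering or saving the edit form, so one rule table serves both enforcement and review.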

---

**Vulnerability Type:** Incorrect Access Control  
**Attack Type:** Remote  
**Impact:** Escalation of Privileges  
**Attack Vectors:** Broken Access Control allows teachers or students to modify data of other students.

**Discoverer:** Sneh Bavarva


## Additional information

**Impact:** This allows unauthorized modifications to other students' data, which should only be accessible to administrators. This can lead to significant data integrity issues and unauthorized privilege escalation.


**References:**

- [Unifiedtransform GitHub Repository](https://github.com/changeweb/Unifiedtransform)
- [Unifiedtransform Official Site](http://unifiedtransform.com)
- [CWE-284: Improper Access Control](https://cwe.mitre.org/data/definitions/284.html)