Authentication bypass vulnerability in all versions of Integrated University Management System (IUMS) allows unauthenticated, remote attackers to gain administrator privileges via Teachers Web Panel (TWP). If exploited, the attackers could perform any actions with administrator privileges (enumerate/delete all the students personal information, modify various settings).
User ID: ADMIN’– Password: ADMIN’–
- Affected Version: All Existing Versions
- Vendor Contact: April 10, 2019
- Blog Post Published: April 12, 2019
- Applied for CVE: April 12, 2019