Incorrect Access Control
Video PoC link: https://www.youtube.com/watch?v=H5QnsOKjs3s
Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect Access Control. An arbitrary authenticated user can change the password of another user and take over that account via an IDOR in the password change function: the request carries the target user id as a client-supplied parameter, and the server applies the change to whichever id is sent instead of to the logged-in user.
STEPS TO REPRODUCE
1. Log in as user 1.
2. Visit the password change function.
3. Configure the browser to use Burp Suite as a proxy so the request can be intercepted.
4. Send the password change request, intercept it, and manipulate the user id so that another user's password is changed.
5. Forward the request and turn off intercept.
6. Log in as the other user with the new password.
7. Observe that the account has been successfully compromised.
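The flaw and its fix, modelled in Python as an added example (not the application's code): a handler that takes the target account from the client-supplied user id beside one that binds the target to the session and re-checks the current password. The request shape, the user table and the hash function are hypothetical.

```python
# Hypothetical model of the password-change IDOR and its fix (not the application's code).
import hashlib
import secrets
from dataclasses import dataclass


def _hash(pw: str) -> str:
    # Stand-in for a real password hash (bcrypt/argon2); sha256 keeps the demo offline.
    return hashlib.sha256(pw.encode()).hexdigest()


# Constructed sample user table: user id -> password hash
USERS = {1: _hash("user1-pass"), 2: _hash("user2-pass")}


@dataclass
class Request:
    session_user_id: int  # identity bound to the session at login (server-trusted)
    form: dict            # POST body; fully client-controlled


def change_password_vulnerable(req: Request, users: dict) -> bool:
    """Vulnerable: the target account is taken from the client-supplied 'user_id'."""
    target = int(req.form["user_id"])
    users[target] = _hash(req.form["new_password"])
    return True


def change_password_fixed(req: Request, users: dict) -> tuple:
    """Fixed: the only account a session may change is its own.

    Returns (ok, reason). A client-supplied 'user_id' that disagrees with the
    session is rejected and surfaced as a tamper signal worth logging and alerting on.
    """
    target = req.session_user_id
    supplied = req.form.get("user_id")
    if supplied is not None and int(supplied) != target:
        return False, "user_id mismatch: possible IDOR attempt"
    # Re-authenticate: a hijacked session alone must not be enough to rotate the password.
    if not secrets.compare_digest(users[target], _hash(req.form.get("current_password", ""))):
        return False, "current password incorrect"
    users[target] = _hash(req.form["new_password"])
    return True, "password changed"


def login(users: dict, uid: int, pw: str) -> bool:
    """Constructed login check used to confirm which password an account now has."""
    return users.get(uid) == _hash(pw)
```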
Affected Component: Password change functionality
Attack Type: Remote
CVE Impact: Other (Account Takeover)
Attack Vectors: The victim's user id is required, and it is easily enumerable.
Reference: https://youtu.be/H5QnsOKjs3s
Discoverer: Sajal Jat