Last active
March 27, 2024 04:29
Incorrect Access Control
Name of the Affected Product: Reportico

Affected Version: Up to 8.1.0

Description:
This vulnerability occurs when a low-privilege user is able to access and view configuration details that are intended to be restricted to admin users. These configuration details may include sensitive information related to SQL queries and other critical system settings. This unauthorized access allows the low-privilege user to gain insight into the inner workings of the application or system, potentially leading to unintended exposure of sensitive data or exploitation of system weaknesses.

Impact:
This vulnerability poses serious risks to the security and integrity of the application and its underlying systems. By gaining access to sensitive configuration details, low-privileged users can exploit system weaknesses, potentially leading to data breaches, unauthorized data manipulation, or even system compromise.

URL:
http://localhost/reportico-8.1.0/run.php?execute_mode=PREPARE&xmlin=qqqq.xml&reportico_session_name=b137719u9cqjt0sqog9aorvcks_reportico
http://localhost/reportico-8.1.0/run.php?execute_mode=MAINTAIN&xmlin=qqqq.xml&reportico_session_name=b137719u9cqjt0sqog9aorvcks_reportico

Steps:
By changing the execute_mode parameter in the URL from PREPARE to MAINTAIN, the low-privilege user can view the config page, which should be restricted to admin users.
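The root cause is that the server trusts the execute_mode parameter without checking whether the session's role is allowed to use that mode. The following added example (not Reportico's code, written in Python rather than the project's PHP) shows a default-deny server-side gate that resolves the role from a session store keyed by reportico_session_name and decides per mode; the role names, the session store and the admin session id are constructed assumptions, while the two request URLs are the ones from the report.

```python
from urllib.parse import urlsplit, parse_qs

# Minimum role per execute_mode. Only PREPARE and MAINTAIN appear in the
# report; the role names are assumptions, not Reportico's own.
MODE_MIN_ROLE = {
    "PREPARE": "user",    # preparing/running a report: any logged-in user
    "MAINTAIN": "admin",  # config/maintenance page: admins only
}
ROLE_RANK = {"user": 1, "admin": 2}

# Constructed server-side session store: the role was fixed at login and is
# never taken from the request itself.
SESSIONS = {
    "b137719u9cqjt0sqog9aorvcks_reportico": "user",   # session id from the report
    "admin0sessionexample_reportico": "admin",         # constructed admin session
}

# The two URLs quoted in the report (same low-privilege session, mode changed).
PREPARE_URL = ("http://localhost/reportico-8.1.0/run.php?execute_mode=PREPARE"
               "&xmlin=qqqq.xml&reportico_session_name=b137719u9cqjt0sqog9aorvcks_reportico")
MAINTAIN_URL = ("http://localhost/reportico-8.1.0/run.php?execute_mode=MAINTAIN"
                "&xmlin=qqqq.xml&reportico_session_name=b137719u9cqjt0sqog9aorvcks_reportico")


def authorize(url: str, sessions: dict = SESSIONS) -> tuple[bool, str]:
    """Decide whether the request's execute_mode is allowed for its session.

    Default deny: no session, unknown session, or unknown mode all refuse.
    """
    qs = parse_qs(urlsplit(url).query)
    mode = qs.get("execute_mode", [""])[0].upper()
    session_id = qs.get("reportico_session_name", [""])[0]
    role = sessions.get(session_id)
    if role is None:
        return False, "no valid session"
    required = MODE_MIN_ROLE.get(mode)
    if required is None:
        return False, f"unknown execute_mode {mode!r}"
    if ROLE_RANK[role] < ROLE_RANK[required]:
        return False, f"{mode} requires {required}, session has {role}"
    return True, f"{mode} allowed for {role}"


if __name__ == "__main__":
    for url in (PREPARE_URL, MAINTAIN_URL):
        allowed, why = authorize(url)
        print("ALLOW" if allowed else "DENY ", why)
```

With the gate in place the second URL from the report is refused with "MAINTAIN requires admin, session has user", while the same URL with an admin session passes.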
Ref:
https://github.com/reportico-web/reportico/issues/51