## Vulnerability Summary

### 1. Vulnerability Types

- **RCE (Remote Code Execution)**: Allows attackers to upload malicious files and execute arbitrary code.
- **IDOR (Insecure Direct Object Reference)**: Enables unauthorized access and data manipulation through insecure object references.

### 2. Vulnerability Details and Impact

#### Vulnerability 1: Unrestricted File Upload (RCE)

- **Severity**: CRITICAL (10.0)
- **Description**: Due to insufficient MIME type validation and insecure filename generation, attackers can upload PHP files containing malicious code, leading to server compromise.
- **Affected Files**: `seller/assets/backend/profile/addadhar.php`, `seller/assets/backend/profile/addpan.php`.

#### Vulnerability 2: Insecure Direct Object Reference (IDOR) - Critical Data Manipulation

- **Severity**: HIGH (8.1)
- **Description**: Lack of permission checks allows attackers to manipulate data belonging to other users by guessing or enumerating IDs.
- **Affected Files**: `seller/assets/backend/product/product_delete.php`, `seller/assets/backend/product/updateproduct.php`.

#### Vulnerability 3: Broken Access Control - Unauthenticated Account Creation

- **Severity**: CRITICAL (9.8)
- **Description**: Due to missing authentication and authorization checks, attackers can create new user and seller accounts via direct HTTP requests.
- **Affected Files**: `Admin/assets/backend/seller/add_seller.php`, `Admin/assets/backend/user/add_user.php`.

#### Vulnerability 4: Stored Cross-Site Scripting (XSS)

- **Severity**: HIGH (7.6)
- **Description**: Insufficient input validation allows attackers to inject malicious JavaScript into data fields, which executes when viewed by administrators.
- **Affected Files**: `utility/function.php`.

### 3. Impact and Risks

- **RCE**: Attackers can gain shell access to the web server, perform file operations, and execute system commands.
- **IDOR**: Leads to data breaches, financial fraud, and market disruption.
- **Broken Access Control**: Enables unauthorized account creation and privilege escalation.
- **XSS**: Enables session hijacking, persistent malware injection, and phishing attacks.

### 4. Disclosure Timeline

- **Initial Contact**: December 16, 2025
- **Public Disclosure Date**: December 23, 2025 (if no response)

### 5. Remediation Recommendations

- Implement strict server-side validation and extension whitelisting for file uploads.
- Add ownership checks in database operations to fix IDOR vulnerabilities.
- Enforce authentication checks on backend endpoints to prevent unauthorized access.
- Encode output data to prevent XSS attacks.
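The four remediation items above, shown together as one hardened PHP request handler. This is an added example and not code from the affected project: the session key `seller_id`, the `products` table with its `seller_id` column, the upload directory and the database DSN are all assumptions chosen for illustration.

```php
<?php
// Added example (not the project's code): hardened helpers covering the four
// remediation recommendations. Schema, session key, upload directory and DSN
// are assumptions.
declare(strict_types=1);

const UPLOAD_DIR = __DIR__ . '/uploads';   // assumed; serve with PHP execution disabled
const ALLOWED = [
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'pdf'  => 'application/pdf',
];

// 1. Authentication check on every backend endpoint, before any other work.
function requireSeller(): int
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION['seller_id'])) {   // assumed session key
        http_response_code(401);
        exit('authentication required');
    }
    return (int) $_SESSION['seller_id'];
}

// 2. Upload validation: whitelist the extension, verify the real content type
//    from the file bytes, and generate the stored filename server-side so the
//    client never controls the name or the path.
function storeUpload(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('upload failed');
    }
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        throw new RuntimeException('extension not allowed');
    }
    // Inspect the bytes; $_FILES[...]['type'] is client-supplied and untrusted.
    $finfo    = new finfo(FILEINFO_MIME_TYPE);
    $detected = $finfo->file($file['tmp_name']);
    if ($detected !== ALLOWED[$ext]) {
        throw new RuntimeException('content type does not match extension');
    }
    $name = bin2hex(random_bytes(16)) . '.' . $ext;   // random, no user input
    if (!move_uploaded_file($file['tmp_name'], UPLOAD_DIR . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    return $name;
}

// 3. Ownership check folded into the query: the row is only deleted when it
//    belongs to the authenticated seller, so a guessed id belonging to another
//    seller affects zero rows.
function deleteOwnedProduct(PDO $db, int $sellerId, int $productId): bool
{
    $stmt = $db->prepare(
        'DELETE FROM products WHERE id = :id AND seller_id = :seller'   // assumed schema
    );
    $stmt->execute([':id' => $productId, ':seller' => $sellerId]);
    return $stmt->rowCount() === 1;
}

// 4. Output encoding for anything echoed into HTML, admin views included.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Request handler tying the pieces together.
$sellerId = requireSeller();

if (isset($_FILES['document'])) {
    try {
        echo 'Stored as ' . h(storeUpload($_FILES['document']));
    } catch (RuntimeException $e) {
        http_response_code(400);
        echo h($e->getMessage());
    }
}

if (isset($_POST['delete_id'])) {
    $db = new PDO('sqlite:' . __DIR__ . '/shop.db');   // assumed DSN
    $ok = deleteOwnedProduct($db, $sellerId, (int) $_POST['delete_id']);
    http_response_code($ok ? 200 : 404);
}
```

Two design points matter more than the individual checks. The ownership condition lives inside the SQL statement rather than in a separate lookup, so there is no window between "read the product" and "delete the product" in which the check can be skipped, and the same `AND seller_id = :seller` clause applies unchanged to the update endpoint. For uploads, the extension whitelist and the `finfo` content check must both pass against the same table entry; either alone can be satisfied by a renamed file, and the random filename removes the filename-generation weakness the advisory describes.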