Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-41446 PoC — Teachers Record Management System 安全漏洞

Source
https://github.com/RashidKhanPathan/CVE-2022-41446
Associated Vulnerability
Title:Teachers Record Management System 安全漏洞 (CVE-2022-41446)
Description:Teachers Record Management System是开源的一个教师记录管理系统。 Teachers Record Management System 存在安全漏洞,该漏洞源于/Admin/dashboard.php存在访问控制问题。攻击者利用该漏洞可以访问和修改用户数据。
Description
Privilege Escalation in Teachers Record Management System using CodeIgnitor
Readme
# CVE-2022-41446
Privilege Escalation in Teachers Record Management System using CodeIgnitor


> [Suggested description]
> An access control issue in /Admin/dashboard.php of Record Management
> System using CodeIgniter v1.0 allows attackers to access and modify
> user data.
>
> ------------------------------------------
>
> [Additional Information]
> Proof Of Concept: https://drive.google.com/file/d/1Rre498CWp9pWyW9h5ran8GkW6TA2NztC/view?usp=sharing
>
> ------------------------------------------
>
> [Vulnerability Type]
> Incorrect Access Control
>
> ------------------------------------------
>
> [VulnerabilityType Other]
> Privile
>
> ------------------------------------------
>
> [Vendor of Product]
> Phpgurukul
>
> ------------------------------------------
>
> [Affected Product Code Base]
> Teachers Record Management System using CodeIgniter - 1.0
>
> ------------------------------------------
>
> [Affected Component]
> user/Users endpoint in url
>
> ------------------------------------------
>
> [Attack Type]
> Remote
>
> ------------------------------------------
>
> [Impact Escalation of Privileges]
> true
>
> ------------------------------------------
>
> [Impact Information Disclosure]
> true
>
> ------------------------------------------
>
> [Attack Vectors]
> to Exploit the Vulnerability Attacker have to login with User account and attacker need to change user/Users endpoint in to admin/Admin endpoint in url,
> > Eg: http://localhost/trms-ci/user/Users/dashboard Change to localhost/trms-ci/admin/Admin/dashboard
>
> ------------------------------------------
>
> [Reference]
> https://phpgurukul.com/teachers-record-management-system-using-codeigniter/
> https://drive.google.com/file/d/1Rre498CWp9pWyW9h5ran8GkW6TA2NztC/view?usp=sharing
>
> ------------------------------------------
>
> [Discoverer]
> RashidKhan Pathan

Use CVE-2022-41446.
File Snapshot

 [4.0K]  /data/pocs/e92fda0d7efdaa8ad81694ce679ad9faa2f556cb
└── [1.8K]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.