Submit #725727: PHPEMS <=11.0 Race Condition

Title: PHPEMS <=11.0 Race Condition
Description: The points consumption function in PHPEMS (an open-source web-based exam simulation system) is affected by a Race Condition vulnerability, which falls under the category of Logic Flaw. This vulnerability exists in PHPEMS 11.0 and all earlier versions. An attacker with an account containing valid points can exploit the lack of atomicity checks and synchronization mechanisms in the points consumption process. By sending multiple concurrent course purchase requests (which consume points) via tools like Burp Suite Turbo Intruder with a race condition script, the attacker can successfully purchase the same points-consuming course more than 10 times using the same pool of points. This allows unauthorized accumulation of virtual assets (e.g., access to paid courses) without corresponding points deduction for each transaction. If the points are tied to real currency (e.g., purchased via cash or other payment methods), the vulnerability may lead to direct financial losses for the platform operator.
Source: https://byebydoggy.github.io/post/2025/1229-phpems-points-race-condition-poc/
User: byebyedoggy (UID 90091)
Submitted: 29.12.2025 07:57 (4 months ago)
Moderated: 29.12.2025 09:20 (1 hour later)
Status: Accepted
VulDB entry: 338634 [PHPEMS up to 11.0 Purchase Request Race Condition]
Points: 20
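The submission describes a check-then-act flaw: the balance is read, compared in application code, and the new balance is written back, so concurrent requests that all read the same stale balance each pass the check. The following is an added illustration, not PHPEMS code and not the submitter's proof of concept. It uses Python with an in-memory SQLite table instead of the project's PHP/MySQL stack, and the schema, user id, course id and course cost are all constructed sample values. It models the worst-case interleaving deterministically (every request reads before any writes) and contrasts it with the fix a defender would apply: a single conditional UPDATE whose WHERE clause re-checks the balance under the row lock, with the row count deciding whether the purchase is granted.

```python
import sqlite3

COURSE_COST = 50  # constructed sample price; not a value from PHPEMS


def make_db(starting_points):
    """Constructed stand-in schema for the users and purchases tables."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, points INTEGER NOT NULL)")
    conn.execute("CREATE TABLE purchases (user_id INTEGER, course_id INTEGER)")
    conn.execute("INSERT INTO users VALUES (1, ?)", (starting_points,))
    conn.commit()
    return conn


def purchases_and_balance(conn, user_id):
    """Return (number of recorded purchases, remaining points) for a user."""
    n = conn.execute("SELECT COUNT(*) FROM purchases WHERE user_id=?", (user_id,)).fetchone()[0]
    bal = conn.execute("SELECT points FROM users WHERE id=?", (user_id,)).fetchone()[0]
    return n, bal


def vulnerable_check_then_deduct(conn, user_id, course_id, concurrent_requests):
    """Non-atomic pattern: read balance, compare in application code, write back
    the balance computed from the stale read. The worst-case interleaving is
    modelled explicitly: every request reads before any request writes."""
    seen = [
        conn.execute("SELECT points FROM users WHERE id=?", (user_id,)).fetchone()[0]
        for _ in range(concurrent_requests)
    ]
    granted = 0
    for balance in seen:
        if balance >= COURSE_COST:  # every request passes the check on the stale value
            conn.execute("UPDATE users SET points=? WHERE id=?", (balance - COURSE_COST, user_id))
            conn.execute("INSERT INTO purchases VALUES (?, ?)", (user_id, course_id))
            granted += 1
    conn.commit()
    return granted


def atomic_conditional_deduct(conn, user_id, course_id):
    """Hardened pattern: check and deduction are one UPDATE. The WHERE clause
    re-evaluates the balance under the database's row lock, so a request only
    succeeds if enough points remain after all earlier deductions; rowcount
    tells the application whether the purchase may be recorded."""
    cur = conn.execute(
        "UPDATE users SET points = points - ? WHERE id = ? AND points >= ?",
        (COURSE_COST, user_id, COURSE_COST),
    )
    if cur.rowcount != 1:
        conn.rollback()  # insufficient points (or no such user): grant nothing
        return False
    conn.execute("INSERT INTO purchases VALUES (?, ?)", (user_id, course_id))
    conn.commit()
    return True


def run_demo(starting_points=100, concurrent_requests=12):
    """Run both patterns against identical starting state and report the outcome."""
    vuln = make_db(starting_points)
    vuln_granted = vulnerable_check_then_deduct(vuln, 1, 7, concurrent_requests)
    vuln_purchases, vuln_balance = purchases_and_balance(vuln, 1)

    fixed = make_db(starting_points)
    fixed_granted = sum(atomic_conditional_deduct(fixed, 1, 7) for _ in range(concurrent_requests))
    fixed_purchases, fixed_balance = purchases_and_balance(fixed, 1)

    return {
        "vulnerable": {"granted": vuln_granted, "purchases": vuln_purchases, "balance": vuln_balance},
        "hardened": {"granted": fixed_granted, "purchases": fixed_purchases, "balance": fixed_balance},
    }


if __name__ == "__main__":
    print(run_demo())
```

With 100 starting points and a cost of 50, the vulnerable path grants all 12 purchases while deducting only one course's worth of points, which matches the "more than 10 purchases from the same pool" behaviour the submission reports; the atomic path grants exactly 2 and leaves a zero balance. A unique constraint on (user_id, course_id) would add a second, independent guard against repeated purchases of the same course, and a row lock (SELECT ... FOR UPDATE inside a transaction) is the equivalent fix where the balance must be read before it is changed.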
