| शीर्षक | SourceCodester SourceCodester KLiK Social Media Website v1.0.1 CRLF Injection |
|---|
| विवरण | During security testing of the profileUpdate.inc.php endpoint, an HTTP header injection vulnerability was discovered in the email parameter. The application takes user-supplied input from the email field (submitted via POST request) and unsafely concatenates it into the Location HTTP response header without proper sanitization, validation, or encoding.
By injecting CR (Carriage Return, %0d) and LF (Line Feed, %0a) characters into the email parameter, an attacker can manipulate the HTTP response structure. The vulnerability is triggered when the application performs a redirect via the header() function after a password mismatch condition (error=passwordcheck).
Example malicious POST request:
POST /includes/profileUpdate.inc.php HTTP/1.1
Host: target.com
Content-Type: application/x-www-form-urlencoded
Cookie: PHPSESSID=valid_session
update-profile=1&email=user%40example.com%0d%0aSet-Cookie:%20session=Hijacked%0d%0aX-IGNORE:&password=newpass&passwordRepeat=different&oldPassword=oldpass |
|---|
| स्रोत | ⚠️ https://github.com/msaad1999/KLiK-SocialMediaWebsite |
|---|
| उपयोगकर्ता | g111 (UID 92409) |
|---|
| सबमिशन | 27/04/2026 04:05 AM (2 महीनों पहले) |
|---|
| संयम | 24/05/2026 08:52 AM (27 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 365403 [KLiK SocialMediaWebsite 1.0 HTTP POST Request Parameter अधिकार वृद्धि] |
|---|
| अंक | 20 |
|---|