Submission #823134: SourceCodester Water Billing Management System in PHP/OOP Free Source Code 1.0 Authorization Bypass

Information

Title: SourceCodester Water Billing Management System in PHP/OOP Free Source Code 1.0 Authorization Bypass

Description: A critical vulnerability in the Water Billing Management System allows unauthenticated attackers to create new administrative accounts. By sending a specially crafted POST request to the user management endpoint, an attacker can bypass the intended administrative interface and gain full control over the system.

Vulnerability Description: The file /wbms/classes/Users.php contains a function save (triggered by the parameter f=save) that handles the creation and modification of user accounts. This endpoint lacks a session validation check or middleware to verify if the requester has administrative privileges. Because the system uses an OOP approach where the class method is directly accessible via a GET/POST parameter, an external attacker can invoke the "save" logic without being logged in. By setting the type parameter to 1 (commonly representing the Admin role in this codebase), the attacker can elevate their privileges immediately.
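The fix the description points at is a gate that runs before any `f=<action>` method is dispatched. The following is an added illustration of that shape, not the project's code; the session keys `login_id` / `login_type`, the `save_user()` fields and the second role value are assumptions, while role 1 = Admin follows the advisory.

```php
<?php
// Added illustration (not the Water Billing Management System's own code):
// a centrally enforced session/role gate in front of a Users.php?f=<action>
// style dispatcher. Role value 1 = Admin follows the advisory; the session
// keys login_id / login_type and the save_user() fields are hypothetical.
declare(strict_types=1);
const ROLE_ADMIN = 1;

// True only for a logged-in session holding the Admin role; otherwise
// sets the HTTP status the caller should see and returns false.
function require_admin(array $session): bool
{
    if (empty($session['login_id'])) {
        http_response_code(401);           // not logged in
        return false;
    }
    if ((int)($session['login_type'] ?? 0) !== ROLE_ADMIN) {
        http_response_code(403);           // logged in, but not an admin
        return false;
    }
    return true;
}

// Validates the submitted account fields and returns the record to persist.
// The role comes from an allow-list, never trusted as a raw integer.
function save_user(array $post): array
{
    $allowedTypes = [ROLE_ADMIN, 2];       // 2 = staff, hypothetical
    $type = (int)($post['type'] ?? 0);
    if (!in_array($type, $allowedTypes, true) || trim($post['username'] ?? '') === '') {
        throw new InvalidArgumentException('invalid user fields');
    }
    return ['username' => trim($post['username']), 'type' => $type];
}

// Every state-changing action passes through the gate before dispatch, so
// hiding the admin UI is no longer the only thing standing in the way.
function dispatch(string $action, array $session, array $post): array
{
    if (!require_admin($session)) {
        return ['status' => 'denied'];
    }
    return match ($action) {
        'save'  => ['status' => 'success', 'user' => save_user($post)],
        default => ['status' => 'unknown_action'],
    };
}

session_start();
echo json_encode(dispatch($_GET['f'] ?? '', $_SESSION, $_POST));
```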
Source: https://github.com/renzortega1337/Security-Research-/blob/main/Unauthenticated%20Admin%20Creation%20in%20PHP%20System.md
User: renzortega1337 (UID 98096)
Submitted: 08/05/2026 03:10 PM (27 days ago)
Moderated: 31/05/2026 10:24 AM (23 days later)
Status: Accepted
VulDB Entry: 367515 [SourceCodester Water Billing Management System 1.0 User Management Endpoint Users.php?f=save Privilege Escalation]
Points: 20
