Submission #725727: PHPEMS <=11.0 Race Condition - Info

Title: PHPEMS <=11.0 Race Condition
Description: The points consumption function in PHPEMS (an open-source web-based exam simulation system) is affected by a Race Condition vulnerability, which falls under the category of Logic Flaw. This vulnerability exists in PHPEMS 11.0 and all earlier versions. An attacker with an account containing valid points can exploit the lack of atomicity checks and synchronization mechanisms in the points consumption process. By sending multiple concurrent course purchase requests (which consume points) via tools like Burp Suite Turbo Intruder with a race condition script, the attacker can successfully purchase the same points-consuming course more than 10 times using the same pool of points. This allows unauthorized accumulation of virtual assets (e.g., access to paid courses) without corresponding points deduction for each transaction. If the points are tied to real currency (e.g., purchased via cash or other payment methods), the vulnerability may lead to direct financial losses for the platform operator.
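The description above comes down to a check-then-act gap: the balance is read, compared against the course price, and a new balance is written back, so concurrent requests that all pass the check before any of them writes each get the course for one deduction. The following is an added illustration (not PHPEMS code; the table layout, prices and balances are constructed) that runs ten concurrent purchase requests against a SQLite database twice: once with the read-compare-write pattern, made deterministic with a barrier so every request passes the check before any writes, and once with the mitigation, a single conditional UPDATE (points = points - price WHERE points >= price) inside an IMMEDIATE transaction, where the row count tells the caller whether the deduction happened. The same conditional UPDATE pattern applies unchanged to MySQL/MariaDB behind a PHP application.

```python
import os
import sqlite3
import tempfile
import threading

PRICE = 30          # points per course (constructed value)
START_POINTS = 100  # buyer's starting balance (constructed value)
REQUESTS = 10       # number of concurrent purchase requests
USER_ID = 1
COURSE_ID = 7


def make_db():
    """Create a fresh file-backed database (each thread opens its own connection)."""
    path = os.path.join(tempfile.mkdtemp(), "points.db")
    con = sqlite3.connect(path)
    con.executescript(
        "CREATE TABLE users(id INTEGER PRIMARY KEY, points INTEGER NOT NULL);"
        "CREATE TABLE purchases(user_id INTEGER, course_id INTEGER);"
    )
    con.execute("INSERT INTO users VALUES (?, ?)", (USER_ID, START_POINTS))
    con.commit()
    con.close()
    return path


def connect(path):
    # isolation_level=None: autocommit; transaction boundaries are set explicitly below.
    return sqlite3.connect(path, timeout=30, isolation_level=None)


def buy_vulnerable(path, user_id, course_id, barrier):
    """Check-then-act: read the balance, compare, then write the computed balance.
    Everything between the SELECT and the UPDATE is the race window."""
    con = connect(path)
    cur = con.execute("SELECT points FROM users WHERE id = ?", (user_id,))
    balance = cur.fetchone()[0]
    cur.close()
    enough = balance >= PRICE
    # The barrier only makes the race deterministic for the demo: every request
    # finishes its check before any request writes, which is the worst-case interleaving.
    barrier.wait()
    if not enough:
        con.close()
        return False
    con.execute("UPDATE users SET points = ? WHERE id = ?", (balance - PRICE, user_id))
    con.execute("INSERT INTO purchases VALUES (?, ?)", (user_id, course_id))
    con.close()
    return True


def buy_atomic(path, user_id, course_id):
    """Mitigation: check and deduct in one statement, recorded in the same transaction.
    A concurrent request sees either the pre- or post-deduction balance, never a stale one."""
    con = connect(path)
    con.execute("BEGIN IMMEDIATE")  # take the write lock up front; no shared->reserved upgrade
    cur = con.execute(
        "UPDATE users SET points = points - ? WHERE id = ? AND points >= ?",
        (PRICE, user_id, PRICE),
    )
    if cur.rowcount != 1:       # no row matched: insufficient points, nothing deducted
        con.execute("ROLLBACK")
        con.close()
        return False
    con.execute("INSERT INTO purchases VALUES (?, ?)", (user_id, course_id))
    con.execute("COMMIT")
    con.close()
    return True


def run_concurrent(path, worker):
    """Fire REQUESTS workers at once; return (successful purchases, final points, purchase rows)."""
    results, lock = [], threading.Lock()

    def task():
        ok = worker()
        with lock:
            results.append(ok)

    threads = [threading.Thread(target=task) for _ in range(REQUESTS)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    con = connect(path)
    points = con.execute("SELECT points FROM users WHERE id = ?", (USER_ID,)).fetchone()[0]
    rows = con.execute("SELECT COUNT(*) FROM purchases").fetchone()[0]
    con.close()
    return sum(results), points, rows


def simulate_vulnerable():
    path = make_db()
    barrier = threading.Barrier(REQUESTS)
    return run_concurrent(path, lambda: buy_vulnerable(path, USER_ID, COURSE_ID, barrier))


def simulate_atomic():
    path = make_db()
    return run_concurrent(path, lambda: buy_atomic(path, USER_ID, COURSE_ID))


if __name__ == "__main__":
    print("check-then-act:", simulate_vulnerable())  # 10 purchases for one deduction
    print("atomic update: ", simulate_atomic())      # 3 purchases, balance exhausted
```

With 100 points and a 30-point course, the check-then-act version records ten purchases and leaves 70 points, while the conditional UPDATE version records exactly three purchases and leaves 10 points regardless of scheduling. For detection, the same invariant is the thing to monitor: the number of purchase rows for a user should never exceed what their points history can pay for.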
Source: https://byebydoggy.github.io/post/2025/1229-phpems-points-race-condition-poc/
User: byebyedoggy (UID 90091)
Submitted: 2025-12-29 07:57 AM (4 months ago)
Moderation: 2025-12-29 09:20 AM (1 hour later)
Status: Accepted
VulDB Entry: 338634 [PHPEMS up to 11.0 Purchase Request race condition]
Points: 20
