| 제목 | LakshayD02 GitHub Hostel Management System PHP f87e67c283bab6f718faf2fec6ae39a13bd7036b Improper Authorization |
|---|
| 설명 | Hostel Management System PHP contains a missing authorization vulnerability in the admin panel. The normal user login flow sets $_SESSION['id'], and the admin authorization helper only checks whether $_SESSION['id'] is non-empty. It does not verify that the session belongs to an administrator.
In hostel/index.php, a successful ordinary user login sets $_SESSION['id'] and $_SESSION['login']. In hostel/admin/includes/checklogin.php, the admin authorization check only verifies if strlen($_SESSION['id']) == 0. Since ordinary users and administrators share the same $_SESSION['id'] session key, an authenticated ordinary student user can access admin-only pages.
The issue was verified on commit f87e67c283bab6f718faf2fec6ae39a13bd7036b. After logging in as the ordinary user [email protected] / rohansharma from hostel.sql, the following admin pages return HTTP/1.1 200 OK: /admin/dashboard.php, /admin/manage-students.php, /admin/create-room.php, and /admin/add-courses.php.
Impact: an ordinary authenticated user can access the admin dashboard, view student records, access management pages, and reach administrative functionality such as adding courses, adding rooms, viewing complaints, and potentially modifying or deleting records.
CWE: CWE-862 Missing Authorization.
Suggested CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, 8.8 High. |
|---|
| 원천 | ⚠️ https://github.com/LakshayD02/Hostel-Management-System-PHP/issues/1 |
|---|
| 사용자 | xady (UID 77122) |
|---|
| 제출 | 2026. 05. 17. AM 03:41 (25 날 ago) |
|---|
| 모더레이션 | 2026. 06. 04. AM 07:46 (18 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 368263 [LakshayD02 Hostel-Management-System-PHP 까지 f87e67c283bab6f718faf2fec6ae39a13bd7036b Admin Dashboard Page hostel/index.php 아이디 권한 상승] |
|---|
| 포인트들 | 20 |
|---|