| Field | Value |
|---|---|
| Title | CodeAstro Complaint Management System v1.0 Insecure Direct Object Reference (IDOR) |
| Description | A critical vulnerability has been identified in the Complaint Management System v1.0, developed in PHP with CodeIgniter. The issue exists in the deletereport() function in application/controllers/Report.php. The vulnerable functionality allows unauthenticated remote attackers to permanently delete arbitrary reports and their associated uploaded files from the server without valid credentials.<br><br>The application exposes the vulnerable endpoint at: `/report/deletereport/<report_id>`<br><br>The endpoint performs the deletion directly on the basis of the supplied report identifier without validating whether the request originates from an authenticated or authorized user. No session validation, privilege verification, ownership check or CSRF protection is enforced before the deletion logic executes.<br><br>An attacker can send a crafted unauthenticated HTTP GET request to the endpoint specifying any valid report ID. The backend immediately deletes the targeted report record from the database and removes its associated uploaded file from server storage. Only after the deletion has occurred does the application respond with an HTTP 307 Temporary Redirect, confirming that the unauthorized request was processed.<br><br>Because the functionality is remotely accessible without authentication, the deletion can be automated against every report stored in the application. Successful exploitation may result in permanent loss of complaint records, destruction of uploaded evidence files, operational disruption, denial of service and significant integrity impact on the affected system.<br><br>The vulnerability can be exploited remotely with low attack complexity and requires no user interaction or privileges. |
| Source | https://github.com/ashikmd0507/CVE/tree/main/Unauthenticated%20Arbitrary%20Report%20%26%20File%20Deletion |
| User | ashikmd7 (UID 98284) |
| Submission | 29.05.2026 19:56 (1 month ago) |
| Moderation | 28.06.2026 13:02 (30 days later) |
| Status | accepted |
| VulDB entry | 374557 [CodeAstro Complaint Management System 1.0 Report Endpoint Report.php deletereport privilege escalation] |
| Points | 20 |
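As an added, illustrative example (not the project's own code), this is what a hardened deletereport() action looks like as a CodeIgniter 3 controller method, applying the checks the description says are missing: session authentication, a POST-only entry point covered by CodeIgniter's CSRF filter, and an ownership/role check before anything is deleted. The table name `reports`, the columns `id`, `user_id` and `file_name`, the session keys `user_id` and `role`, and the `uploads/` directory are assumptions.

```php
<?php
defined('BASEPATH') OR exit('No direct script access allowed');

// Illustrative hardened controller; schema, session keys and upload
// directory are assumptions, not taken from the affected project.
class Report extends CI_Controller
{
    public function __construct()
    {
        parent::__construct();
        $this->load->library('session');
        $this->load->database();
        $this->load->helper('url');
    }

    public function deletereport($report_id = null)
    {
        // 1. Authentication: reject anonymous callers before touching data.
        //    show_error()/show_404() terminate the request in CI3.
        $user_id = $this->session->userdata('user_id');
        if (empty($user_id)) {
            show_error('Login required', 401);
        }

        // 2. A destructive action must not be reachable by GET. With
        //    $config['csrf_protection'] = TRUE, CI validates the token on POST.
        if ($this->input->method(TRUE) !== 'POST') {
            show_error('Method not allowed', 405);
        }

        // 3. Validate the identifier and load the record it refers to.
        $report_id = (int) $report_id;
        $report = $this->db->get_where('reports', ['id' => $report_id])->row();
        if ($report === null) {
            show_404();
        }

        // 4. Authorization (the IDOR check): owner or admin only.
        $is_admin = $this->session->userdata('role') === 'admin';
        if (!$is_admin && (int) $report->user_id !== (int) $user_id) {
            show_error('Forbidden', 403);
        }

        // 5. Only now delete, using basename() so the stored file name
        //    cannot point outside the upload directory.
        $path = FCPATH . 'uploads/' . basename($report->file_name);
        if (!empty($report->file_name) && is_file($path)) {
            unlink($path);
        }
        $this->db->delete('reports', ['id' => $report_id]);
        redirect('report');
    }
}
```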