| Title | SourceCodester Clinics Patient Management System 2.0 Open Redirect |
|---|
| Description | Unauthenticated Open Redirect Vulnerability was discovered in Sourcecodester's Clinic's Patient Management System - PHP 2.0 via congratulations.php
Affected Project: Sourcecodester Clinic's Patient Management System - PHP 2.0
Official Website: Sourcecodester Clinic's Patient Management System
Version: 2.0
The issue lies in the fact that the $gotoPage variable is taken directly from the $_GET superglobal, which can be easily manipulated by an attacker. By crafting a malicious URL, an attacker can redirect users to any website, including ones that may be used for phishing or other malicious purposes. affected code /congratulation.php
<?php
include './config/connection.php';
$gotoPage = $_GET['goto_page'];
//the goto_page is redirecting everything
$message = $_GET['message'];
header("Location:$gotoPage?message=$message");
?>
POC: http://192.168.95.115/congratulation.php?goto_page=https://example.com |
|---|
| Source | ⚠️ https://github.com/gurudattch/CVEs/blob/main/Sourcecodester-Clinic's-Patient-Management-System-Open-Redirect.md |
|---|
| User | guru (UID 74056) |
|---|
| Submission | 09/04/2024 12:28 (2 years ago) |
|---|
| Moderation | 09/06/2024 23:22 (2 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 276774 [SourceCodester Clinics Patient Management System 2.0 congratulations.php goto_page redirect] |
|---|
| Points | 20 |
|---|