| Title | SourceCodester Hospital Management System 1.0 Improper Access Controls |
|---|
| Description | Insecure Direct Object References (IDOR) vulnerability in Hospital Management System 1.0 allows attackers to permanently delete any patient account.
Description.
Insecure Direct Object References (IDOR) vulnerability in the "Vaidya Mitra" healthcare Hospital Management System 1.0, specifically in the patient's "Delete Account" feature. The issue arises due to broken access control on the ID parameter, allowing an attacker to delete any patient account permanently.
Proof of Concept (PoC):
1. Login as a patient
2. Go to http://localhost/vm/patient/settings.php
3. Attempt to delete the account and before confirming with yes intercept the request in Burp Suite
4. Send the request POST /vm/patient/delete-account.php?id=9 HTTP/1.1 to repeater in Burp Suite
5. Modify the id parameter value to that of another patient to delete their account permanently
PoC Video: https://drive.google.com/file/d/1Ce0Zz8ON5AqgP1FBxdhumMJAjOSYcXgZ/view |
|---|
| Source | ⚠️ https://github.com/Salah-Tayeh/CVEs-and-Vulnerabilities/blob/main/Hospital%20Management%20System%20-%20IDOR%20Causing%20Deletion%20of%20any%20patient%20account.md |
|---|
| User | Salah Tayeh (UID 77272) |
|---|
| Submission | 11/10/2024 02:02 (2 years ago) |
|---|
| Moderation | 11/11/2024 09:28 (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 283869 [SourceCodester Hospital Management System 1.0 delete-account.php ID improper authorization] |
|---|
| Points | 20 |
|---|