Next Click Ventures RealtyScript Cross-Site Request Forgery Vulnerability Allowing Unauthorized User Creation

Vulnerability

A cross-site request forgery (CSRF) vulnerability has been identified in Next Click Ventures RealtyScript version 4.0.2. Because the affected forms carry no per-request anti-CSRF token, an unauthenticated attacker can create unauthorized user accounts, including administrative users, by causing a logged-in administrator's browser to submit a crafted form. Exploitation involves sending hidden form data to the '/admin/addusers.php' and '/admin/editadmins.php' endpoints, enabling the attacker to register new users with arbitrary credentials and escalate their privileges to SUPERUSER level.

Impact

Exploitation of this vulnerability allows for unauthorized user creation and privilege escalation to SUPERUSER level.

Reproduction

To reproduce this vulnerability, send a POST request to the '/admin/addusers.php' endpoint with the necessary hidden form data, including arbitrary credentials. This will create a new user account. To escalate privileges to SUPERUSER level, send a POST request to the '/admin/editadmins.php' endpoint with the appropriate login and password details, along with the 'SUPERUSER' level designation.
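As an added example (not part of this advisory or of RealtyScript itself), the following check hunts web-server access logs for the pattern described above: POST requests to the two affected endpoints whose Referer is missing or points at a foreign origin. It assumes the combined log format with a Referer field, a legitimate site hostname of realty.example, and constructed sample lines.

```python
import re
from urllib.parse import urlparse

# Endpoints named in the advisory; a cross-site POST to either one is the CSRF
# pattern a defender would want to surface.
SENSITIVE_ENDPOINTS = {"/admin/addusers.php", "/admin/editadmins.php"}

# Combined log format with Referer and User-Agent (assumed log layout).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample lines: two forged POSTs, one legitimate POST, one GET.
SAMPLE_LOG = [
    '203.0.113.5 - - [16/Mar/2026:15:25:01 +0000] "POST /admin/addusers.php HTTP/1.1" 302 0 "http://attacker.example/lure.html" "Mozilla/5.0"',
    '203.0.113.5 - - [16/Mar/2026:15:25:02 +0000] "POST /admin/editadmins.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [16/Mar/2026:15:26:10 +0000] "POST /admin/addusers.php HTTP/1.1" 302 0 "http://realty.example/admin/addusers.php" "Mozilla/5.0"',
    '198.51.100.7 - - [16/Mar/2026:15:26:11 +0000] "GET /admin/editadmins.php HTTP/1.1" 200 512 "http://realty.example/admin/" "Mozilla/5.0"',
]


def is_suspect_csrf(line: str, site_host: str):
    """Return a reason string if the line is a cross-site POST to a sensitive
    admin endpoint, else None. site_host is the hostname the application is
    legitimately served from (assumed value, e.g. 'realty.example')."""
    m = LOG_RE.match(line)
    if not m or m["method"] != "POST":
        return None
    path = m["path"].split("?", 1)[0]  # drop any query string before matching
    if path not in SENSITIVE_ENDPOINTS:
        return None
    referer = m["referer"]
    if referer in ("", "-"):
        # Weaker signal: privacy settings also strip Referer, so triage these.
        return "POST to %s with no Referer" % path
    host = urlparse(referer).hostname or ""
    if host.lower() != site_host.lower():
        return "POST to %s referred from foreign origin %s" % (path, host)
    return None


def scan(lines, site_host: str):
    """Return (client_ip, reason) for every suspect line, in log order."""
    hits = []
    for line in lines:
        reason = is_suspect_csrf(line, site_host)
        if reason:
            hits.append((line.split(" ", 1)[0], reason))
    return hits
```

This is a hunting aid, not a fix: Referer checks can be bypassed or legitimately absent, so remediation still means per-request anti-CSRF tokens on the admin forms.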

Added: Mar 16, 2026, 3:25 PM
Updated: Mar 16, 2026, 3:25 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 7.5
remediation: 0.0
relevance: 4.0
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.