Smartshop
- <= 1.0
A cross-site request forgery (CSRF) vulnerability has been identified in Smartshop version 1. This vulnerability allows attackers to manipulate user profiles by deceiving authenticated users into sending harmful requests. Exploitation involves creating HTML forms that target 'editprofile.php', embedding hidden fields for email and password. These forms are automatically submitted when the page is accessed by an authenticated admin user.
Exploitation of this vulnerability allows for unauthorized modification of user profile information, including email and password changes, potentially leading to account takeover.
To reproduce this vulnerability, an attacker must craft a malicious HTML form that includes hidden fields with the desired email and password values. This form should be set to submit via POST to 'editprofile.php'. Once the form is prepared, it can be hosted in a way that targets an authenticated admin user, such as through a phishing email or a compromised website. When the admin user visits the page, the form will automatically submit, changing the user's profile information.
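The forged request described above succeeds because the handler accepts any POST that arrives with a valid session cookie. The following is an added example, not Smartshop's code, of a synchronizer-token check placed in front of a profile update. The `email` and `password` fields and the `editprofile.php` target come from the advisory; the `csrf_token` field, the helper function names and the session cookie settings are assumptions.

```php
<?php
// Added example: hypothetical hardening for a handler like editprofile.php.
// Not Smartshop's code; csrf_token(), csrf_valid() and the csrf_token field are assumed names.
declare(strict_types=1);

// SameSite=Lax stops the browser attaching the session cookie to cross-site POSTs.
// 'secure' assumes the site is served over HTTPS.
session_set_cookie_params(['httponly' => true, 'secure' => true, 'samesite' => 'Lax']);
session_start();

/** Return the per-session synchronizer token, creating it on first use. */
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

/** Constant-time check; rejects missing tokens and non-string input such as csrf_token[]=x. */
function csrf_valid($submitted): bool
{
    return is_string($submitted)
        && !empty($_SESSION['csrf_token'])
        && hash_equals($_SESSION['csrf_token'], $submitted);
}

if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST') {
    if (!csrf_valid($_POST['csrf_token'] ?? null)) {
        // A form auto-submitted from another origin cannot read the token, so it ends here.
        http_response_code(403);
        exit('Invalid or missing CSRF token');
    }
    // Token verified: the application's existing email/password update runs from this point.
}
?>
<form method="post" action="editprofile.php">
  <input type="hidden" name="csrf_token"
         value="<?= htmlspecialchars(csrf_token(), ENT_QUOTES) ?>">
  <input type="email" name="email">
  <input type="password" name="password">
  <button type="submit">Save</button>
</form>
```

Requiring the current password before accepting a new email or password adds a second barrier that a forged request cannot satisfy.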