PHP-SHOP
cpe:2.3:a:phpshop:phpshop:*:*:*:*:*:*:*
- <= 1.0
A cross-site request forgery (CSRF) vulnerability has been identified in PHP-SHOP version 1.0. This vulnerability allows unauthenticated attackers to add administrative users by creating malicious HTML forms. Attackers can deceive authenticated administrators into visiting a page with a hidden form that automatically submits POST requests to the users.php endpoint. The submitted requests include parameters such as name, email, password, and permissions set to admin, enabling the creation of unauthorized admin accounts.
Exploitation of this vulnerability allows for the unauthorized addition of administrative users, potentially leading to unauthorized access and privileges within the application.
To reproduce this vulnerability, an attacker must create a hidden HTML form that includes the necessary parameters to add a user via the users.php endpoint. This form should be designed to automatically submit itself when the page is loaded. Once the form is submitted, the server will process the request and add the specified user as an admin.
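The root cause described above is that users.php accepts a state-changing POST with no proof that it came from the application's own form. The following PHP is an added example, not PHP-SHOP code, of a per-session token check that closes that gap; the function names and the csrf_token field name are assumptions.

```php
<?php
// Added example, not PHP-SHOP code: per-session anti-CSRF token check.
// Function names and the 'csrf_token' field are assumptions for illustration.

/** Return the session's token, creating it on first use. */
function csrf_issue_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32)); // 256-bit random value
    }
    return $session['csrf_token'];
}

/** True only for a POST that carries the token stored in the session. */
function csrf_request_is_valid(array $session, string $method, array $post): bool
{
    if ($method !== 'POST') {
        return false; // state changes are never accepted over GET
    }
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    if (!is_string($expected) || !is_string($supplied) || $expected === '') {
        return false; // no token issued, or field missing/array-valued
    }
    return hash_equals($expected, $supplied); // constant-time comparison
}

// --- Constructed demonstration; $session stands in for $_SESSION ---
$session = [];
$token   = csrf_issue_token($session); // rendered into the real form as a hidden field

// Constructed request from the application's own form: token is present.
$fromForm = ['name' => 'alice', 'email' => 'alice@example.test',
             'password' => 'placeholder', 'permissions' => 'admin',
             'csrf_token' => $token];

// Constructed request from a third-party page: same fields, but that page
// cannot read the administrator's session token, so the field is absent.
$crossSite = ['name' => 'bob', 'email' => 'bob@example.test',
              'password' => 'placeholder', 'permissions' => 'admin'];

foreach (['own form' => $fromForm, 'cross-site page' => $crossSite] as $label => $post) {
    $ok = csrf_request_is_valid($session, 'POST', $post);
    printf("%-16s %s\n", $label, $ok ? 'accepted' : 'rejected (respond 403)');
}
```

In a real handler, pass $_SESSION (after session_start()), $_SERVER['REQUEST_METHOD'] and $_POST, and stop with a 403 before any user is created when the check fails.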