Code-Projects Student File Management System Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability exists in Code-Projects Student File Management System version 1.0, specifically within the File Download Handler component. The issue arises in the /download.php file, where improper authorization allows users to download files that do not belong to them. This vulnerability can be exploited remotely by manipulating the store_id parameter, bypassing authorization checks and potentially leading to the download of sensitive files.

Impact

Exploitation of this vulnerability could result in unauthorized access to files, allowing attackers to download sensitive information that could compromise the server.

Reproduction

To reproduce this vulnerability, log into the application with valid credentials. Then, navigate to the /download.php file and modify the store_id parameter to a value that corresponds to a file not owned by the user. The application will incorrectly authorize the request, allowing the file to be downloaded.
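The missing check described above, shown as an added example that is not the project's own code: a lookup keyed on store_id alone beside one that also requires the session user to own the file. The table, column and function names are assumptions, and the rows are constructed sample data in an in-memory SQLite database.

```php
<?php
declare(strict_types=1);

// Constructed sample data; file_store, owner_id and filename are assumed names.
function sample_db(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE file_store (store_id INTEGER PRIMARY KEY,
                owner_id INTEGER NOT NULL, filename TEXT NOT NULL)');
    $pdo->exec("INSERT INTO file_store VALUES (1, 10, 'alice_report.pdf'),
                (2, 20, 'bob_transcript.pdf')");
    return $pdo;
}

// Weak form: being logged in is the only condition, so any id resolves.
function lookup_unchecked(PDO $pdo, int $storeId): ?array {
    $st = $pdo->prepare('SELECT filename FROM file_store WHERE store_id = ?');
    $st->execute([$storeId]);
    return $st->fetch(PDO::FETCH_ASSOC) ?: null;
}

// Hardened form: the owner is part of the lookup key and comes from the
// server-side session, never from a request parameter.
function lookup_owned(PDO $pdo, int $sessionUserId, int $storeId): ?array {
    $st = $pdo->prepare('SELECT filename FROM file_store
                         WHERE store_id = ? AND owner_id = ?');
    $st->execute([$storeId, $sessionUserId]);
    return $st->fetch(PDO::FETCH_ASSOC) ?: null;
}

// Handler decision as an HTTP status. "Not found" and "not yours" share
// one answer so responses do not reveal which ids exist.
function download_status(PDO $pdo, ?int $sessionUserId, $rawStoreId): int {
    if ($sessionUserId === null) {
        return 401;
    }
    $storeId = filter_var($rawStoreId, FILTER_VALIDATE_INT,
                          ['options' => ['min_range' => 1]]);
    if ($storeId === false) {
        return 400;
    }
    return lookup_owned($pdo, $sessionUserId, $storeId) === null ? 404 : 200;
}

$pdo = sample_db();
echo 'unchecked, user 10 asks for id 2: ',
     lookup_unchecked($pdo, 2) === null ? 'denied' : 'served', "\n";
echo 'own file status: ', download_status($pdo, 10, '1'), "\n";
echo 'foreign file status: ', download_status($pdo, 10, '2'), "\n";
echo 'malformed id status: ', download_status($pdo, 10, '2 OR 1=1'), "\n";
```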

Added: Dec 30, 2025, 1:18 AM
Updated: Dec 30, 2025, 1:18 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 6.6
remediation: 0.0
relevance: 1.6
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.