ScriptAndTools Real Estate Management System Authorization Bypass Vulnerability in User Delete Handler

Vulnerability

An authorization bypass vulnerability has been identified in ScriptAndTools Real Estate Management System version 1.0. The issue lies in the User Delete Handler component, specifically the userdelete.php script, which does not verify that the caller is authorized before acting on the 'id' parameter. By supplying an arbitrary 'id' value, an unauthenticated or low-privileged user can delete accounts, including administrator accounts. This vulnerability can be exploited remotely and has been publicly disclosed, with a proof-of-concept exploit available.

Impact

Exploitation of this vulnerability allows for unauthorized deletion of user accounts, including administrative accounts, potentially leading to account takeover and disruption of service.

Reproduction

To reproduce this vulnerability, request the userdelete.php script without administrative privileges; no admin session is required. Identify the 'id' value of the user account to be deleted, supply it in the script's 'id' parameter and submit the request. The specified account is deleted, even if it belongs to an administrator.
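The root cause described above is a state-changing handler that performs no authentication or authorization check on the server side. The following PHP is an added illustration written for this page; it is not the vendor's code and does not reproduce the real userdelete.php. It assumes a session-based login that stores the user id and role in $_SESSION, a PDO connection in $pdo, a users table with an integer id column, and a per-session CSRF token in $_SESSION['csrf_token']; all of these names are assumptions. The unsafe function shows the class of bug, and the hardened function shows the checks a reviewer would expect before any delete is executed.

```php
<?php
// Added illustration, not ScriptAndTools code. Assumed names: $_SESSION['user_id'],
// $_SESSION['role'], $_SESSION['csrf_token'], a PDO handle $pdo, and a table `users`.

// --- Vulnerable pattern (the class of bug the advisory describes) ---
// The handler trusts the caller entirely: no login check, no role check,
// a state change on a plain GET, and the id goes straight into the query.
function deleteUserUnsafe(PDO $pdo): void
{
    $id = $_GET['id'];                                 // attacker-controlled
    $pdo->query("DELETE FROM users WHERE id = $id");   // also SQL-injection prone
}

// --- Hardened handler ---
function deleteUserSafe(PDO $pdo): void
{
    session_start();

    // 1. Authentication: an anonymous caller gets nothing.
    if (empty($_SESSION['user_id'])) {
        http_response_code(401);
        exit('Login required');
    }

    // 2. Authorization: only administrators may delete accounts. The decision
    //    is based on server-side session state, never on client-supplied data.
    if (($_SESSION['role'] ?? '') !== 'admin') {
        http_response_code(403);
        exit('Forbidden');
    }

    // 3. State-changing action: POST only, with a CSRF token, so an admin's
    //    browser cannot be made to issue the request through a crafted link.
    if ($_SERVER['REQUEST_METHOD'] !== 'POST'
        || !hash_equals($_SESSION['csrf_token'] ?? '', $_POST['csrf_token'] ?? '')) {
        http_response_code(403);
        exit('Bad request');
    }

    // 4. Input validation: the id must be a positive integer.
    $id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    if ($id === false || $id === null) {
        http_response_code(400);
        exit('Invalid id');
    }

    // 5. Guard against an admin locking themselves out by deleting their own account.
    if ($id === (int) $_SESSION['user_id']) {
        http_response_code(400);
        exit('Cannot delete the current account');
    }

    // 6. Parameterised query: the id never becomes part of the SQL string.
    $stmt = $pdo->prepare('DELETE FROM users WHERE id = :id');
    $stmt->execute([':id' => $id]);

    // 7. Audit trail so a deletion can be attributed during incident response.
    error_log(sprintf('user %d deleted account %d from %s',
        $_SESSION['user_id'], $id, $_SERVER['REMOTE_ADDR'] ?? 'unknown'));
}
```

The key difference is that the hardened version decides "may this caller delete this account?" from data the client cannot control (the session), before touching the 'id' parameter at all. The CSRF and POST-only checks are not what the advisory reports, but without them a correctly authorized handler can still be driven by an administrator's own browser, so they belong in the same fix.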

Added: Jun 20, 2025, 10:19 AM
Updated: Jun 20, 2025, 10:19 AM

Vulnerability Rating

Custom Algorithm

  spread          0.0
  impact          2.5
  exploitability  8.7
  remediation     0.0
  relevance       0.2
  threat          6.4
  urgency         2.9
  incentive       5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.