Code-Projects Simple Car Rental System Cross-Site Request Forgery Vulnerability

Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability exists in Code-Projects Simple Car Rental System version 1.0, specifically in the admin/delete_car.php file. The vulnerability arises because the delete car operation does not include a CSRF token to verify the authenticity of the request. This flaw allows an attacker to trick an authenticated administrator into deleting vehicle data without their knowledge or consent.

Impact

Exploitation of this vulnerability allows for unauthorized deletion of vehicle data, potentially disrupting the application's data integrity and management functions.

Reproduction

To reproduce this vulnerability, an authenticated administrator must be lured into visiting a malicious webpage that sends a forged request to the admin/delete_car.php endpoint. This can be done by creating a form that includes the id of the car to be deleted and automatically submitting it when the page loads.

Remediation

To address this vulnerability, implement anti-CSRF tokens: generate an unpredictable token for each user session, embed it in every form that performs a state-changing action, and verify it server-side before processing the request. Additionally, consider setting the SameSite attribute on the session cookie so that it is not sent with cross-site requests.
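The remediation above, as an added example that is not part of the advisory or of the Simple Car Rental System code: a per-session token is issued, embedded in the delete form, and checked with a constant-time comparison before the deletion runs, with the session cookie marked SameSite. The function names `csrf_token`, `csrf_valid` and `delete_car`, the field name `csrf_token`, and the `$car_id` variable are assumptions chosen for illustration.

```php
<?php
// Added example, not the project's own code. delete_car() and $car_id are
// hypothetical stand-ins for the application's existing deletion logic and
// the id supplied by the admin's vehicle listing page.

// SameSite keeps the session cookie out of cross-site form submissions.
session_set_cookie_params([
    'samesite' => 'Lax', 'httponly' => true, 'secure' => true,
]);
session_start();

// One unpredictable token per session, reused by every state-changing form.
function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Constant-time comparison of the submitted token with the session copy.
function csrf_valid(?string $submitted): bool {
    return is_string($submitted)
        && !empty($_SESSION['csrf_token'])
        && hash_equals($_SESSION['csrf_token'], $submitted);
}

// Vulnerable pattern described in the advisory: any request carrying an id
// is acted on, so a forged cross-site request succeeds.
//   if (isset($_GET['id'])) { delete_car((int)$_GET['id']); }

// Hardened handler: require POST and a matching token before deleting.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_valid($_POST['csrf_token'] ?? null)) {
        http_response_code(403);
        exit('Invalid CSRF token');
    }
    $id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT);
    if ($id !== null && $id !== false) {
        delete_car($id); // hypothetical: the existing deletion routine
    }
}
?>
<!-- The admin page embeds the token in the delete form. -->
<form method="post" action="delete_car.php">
  <input type="hidden" name="csrf_token"
         value="<?= htmlspecialchars(csrf_token(), ENT_QUOTES) ?>">
  <input type="hidden" name="id" value="<?= (int)$car_id ?>">
  <button type="submit">Delete</button>
</form>
```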

Added: Jul 30, 2025, 10:17 PM
Updated: Jul 30, 2025, 10:17 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 5.8
remediation: 0.0
relevance: 0.3
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.