PHPGurukul News Portal Improper Authorization Vulnerability in Add Sub-Admin Page

Vulnerability

A broken access control vulnerability has been identified in PHPGurukul News Portal version 1.0. The issue resides in the admin panel, specifically in the Add Sub-Admin Page endpoint '/news/admin/add-subadmins.php'. This vulnerability allows sub-admin users to perform actions reserved for administrators, such as creating new sub-admin accounts. The flaw arises because access control is enforced only at the user interface level (the page is hidden from sub-admins but the server does not check the caller's role), leaving a gap that sub-admins can exploit to escalate privileges both horizontally and vertically.

Impact

Exploitation of this vulnerability leads to unauthorized privilege escalation, allowing sub-admin users to gain admin-equivalent rights. This includes the unauthorized creation of privileged accounts, which could potentially compromise the entire admin panel.

Reproduction

To reproduce this vulnerability, log in as a sub-admin user and navigate to the '/news/admin/add-subadmins.php' endpoint. The page will load without any access restrictions. Once the page is open, submit the form to create a new sub-admin account.

Remediation

It is recommended to implement server-side role validation on all admin-restricted endpoints. The user's role should be verified on the server before access is granted or any request is processed, with unauthorized roles receiving a '403 Forbidden' response; hiding a page in the navigation is not an access control.
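The following is an added illustration of the recommended server-side check, written for this advisory; it is not code from PHPGurukul News Portal. It assumes the application stores the logged-in user's role in a session variable named $_SESSION['role'] with the values 'admin' and 'subadmin', and that the login page is 'index.php'; those names are assumptions, not taken from the project. The check runs before any form handling, so submitting the form directly to the endpoint is refused the same way as loading the page.

```php
<?php
// Added example (not PHPGurukul's code): server-side role gate for an
// admin-only endpoint such as add-subadmins.php.
// Assumed session layout: $_SESSION['role'] is set at login to 'admin' or 'subadmin'.
session_start();

/**
 * Stop the request unless the current session holds one of the allowed roles.
 * Must run before any request processing so the decision does not depend on
 * whether the UI showed the page link (the UI-only check in the advisory).
 */
function require_role(array $allowed_roles): void
{
    // No authenticated session at all: send to login and do not process anything.
    if (empty($_SESSION['role'])) {
        header('Location: index.php');
        exit;
    }

    // Authenticated, but the role is not permitted on this endpoint.
    if (!in_array($_SESSION['role'], $allowed_roles, true)) {
        // Record the denied attempt so repeated probing is visible in logs
        // (user id key is assumed; adjust to the application's session fields).
        error_log(sprintf(
            'access denied: role=%s user=%s endpoint=%s method=%s',
            $_SESSION['role'],
            $_SESSION['user_id'] ?? 'unknown',
            $_SERVER['SCRIPT_NAME'] ?? '',
            $_SERVER['REQUEST_METHOD'] ?? ''
        ));
        http_response_code(403);
        header('Content-Type: text/plain');
        echo '403 Forbidden';
        exit;
    }
}

// Gate the whole page: only full administrators may create sub-admin accounts.
require_role(['admin']);

// Everything below is reached only by an admin. The POST handler must sit
// after the gate, never before it, otherwise a direct POST bypasses the page.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $username = trim($_POST['username'] ?? '');
    $password = $_POST['password'] ?? '';

    if ($username === '' || strlen($password) < 12) {
        http_response_code(400);
        echo 'Invalid input';
        exit;
    }

    // Store only a password hash, never the plaintext.
    $hash = password_hash($password, PASSWORD_DEFAULT);
    // insert_subadmin($username, $hash);  // application-specific persistence, assumed helper
    echo 'Sub-admin created';
}
```

The same require_role() call belongs at the top of every admin-restricted script (user management, settings, and so on), not only this one; a single missed include re-creates the issue on that endpoint.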

Added: Jan 19, 2026, 7:24 AM
Updated: Jan 19, 2026, 7:24 AM

Vulnerability Rating

Custom Algorithm
spread: 1.0
impact: 2.5
exploitability: 6.8
remediation: 0.0
relevance: 2.1
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.