imvks786 Student Management System Improper Access Control Vulnerability in Student Record Handler

Vulnerability

An improper access control vulnerability has been identified in the imvks786 student management system, in versions up to commit 9599b560ad3c3b83e75d328b76bedcd489ef1f46. The issue resides in the Student Record Handler component, in an unspecified function of the file add.php. The vulnerability can be exploited remotely and has been publicly disclosed. The application fails to enforce role-based access controls on server-side endpoints, allowing users with VIEW permissions to add and delete student records.

Impact

Exploitation of this vulnerability leads to unauthorized addition and deletion of student records, bypassing intended access controls. This could result in data integrity issues, such as the creation of false records or the removal of legitimate ones.

Reproduction

To reproduce this vulnerability, log in as a user with VIEW permissions. After logging in, capture the PHPSESSID cookie. Then, send a POST request to add.php with the necessary student information. The response will confirm the successful addition of the record, demonstrating the lack of proper authorization checks. Similarly, the see.php script can be accessed to delete records without any authorization verification.
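
One way to close the gap described above is a deny-by-default permission guard called at the top of each state-changing script. This is an added example, not code from the imvks786 project: the `authz.php` file, the `$_SESSION['role']` and `$_SESSION['user_id']` keys, the `ADMIN` role, the action names and the `role_allows`/`require_permission` helpers are all assumptions.

```php
<?php
declare(strict_types=1);
// authz.php: added example, not the project's own code.
// Assumption: the login code stores the user's role in $_SESSION['role'].

const ROLE_PERMISSIONS = [
    'VIEW'  => ['student.view'],
    'ADMIN' => ['student.view', 'student.add', 'student.delete'], // hypothetical role
];

function role_allows(?string $role, string $action): bool
{
    // Deny by default: a missing or unknown role gets no permissions.
    if ($role === null || !isset(ROLE_PERMISSIONS[$role])) {
        return false;
    }
    return in_array($action, ROLE_PERMISSIONS[$role], true);
}

function require_permission(string $action): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    $role = $_SESSION['role'] ?? null;
    if (!is_string($role)) {
        http_response_code(401);
        exit('Authentication required');
    }
    if (!role_allows($role, $action)) {
        // Record the denial so repeated attempts are visible in the logs.
        error_log(sprintf('authz denied: user=%s role=%s action=%s',
            (string)($_SESSION['user_id'] ?? 'unknown'), $role, $action));
        http_response_code(403);
        exit('Forbidden');
    }
}

// Usage, before any database write:
//   add.php            -> require_once __DIR__ . '/authz.php'; require_permission('student.add');
//   see.php (deletion) -> require_once __DIR__ . '/authz.php'; require_permission('student.delete');

// Self-check with constructed roles when this file is run directly from the CLI.
if (PHP_SAPI === 'cli' && realpath($_SERVER['SCRIPT_FILENAME'] ?? '') === __FILE__) {
    $ok = !role_allows('VIEW', 'student.add')
        && !role_allows('VIEW', 'student.delete')
        && role_allows('VIEW', 'student.view')
        && !role_allows(null, 'student.view');
    exit($ok ? 0 : 1);
}
```

The check runs on the server for every request, so hiding the add and delete controls in the VIEW user's interface is not what enforces the restriction.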

Added: Jun 8, 2026, 6:17 PM
Updated: Jun 8, 2026, 6:17 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 6.6
remediation: 0.0
relevance: 9.4
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.