Code-Projects Contact Management System Improper Authentication Vulnerability
Vulnerability
A vulnerability exists in the CRUD endpoint of Code-Projects Contact Management System version 1.0. Manipulating the ID argument leads to improper authentication, and the flaw can be exploited remotely without authentication. The application fails to verify the identity or permissions of users accessing critical functions such as creating, updating, or deleting contacts. Notably, deletion can be performed through unauthenticated GET requests, which is a significant security risk.
Impact
Exploitation of this vulnerability leads to unauthorized access to application data, allowing for unrestricted reading, writing, and deletion of contacts. This could disrupt business operations and compromise data integrity. Additionally, if the database credentials, which are available in the application's source code, are leaked, it could result in exposure of sensitive information.
Reproduction
To reproduce this vulnerability, access the 'index.php' file to view contacts without any authentication. Then, use the 'create.php' file to add a new contact by submitting a POST request with the required information, such as first name, last name, and phone number. This request will be processed successfully without credentials. Next, delete a contact by sending a GET request to 'delete.php' with the ID of the contact to be removed. This action will also be completed without authentication or a CSRF token. Finally, update a contact using 'update.php' by posting the ID and the new information. This modification will be accepted without any authentication checks.
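The checks the reproduction shows to be missing from 'delete.php' can be sketched as follows. This is an added example, not the project's code. The session keys, form field names, the 'contacts' table and its 'owner_id' column are assumed names, and the demo requests are constructed.

```php
<?php
declare(strict_types=1);
// Added example, not the project's code. Assumed names: session keys
// 'user_id' and 'csrf', form fields 'id' and 'csrf', table 'contacts' with 'owner_id'.

/** Gate a delete request; returns [HTTP status, validated contact id or null]. */
function authorize_delete(string $method, array $post, array $session): array
{
    if ($method !== 'POST') {            // state changes never ride on GET
        return [405, null];
    }
    if (empty($session['user_id'])) {    // caller must be logged in
        return [401, null];
    }
    $sent = $post['csrf'] ?? '';         // CSRF token bound to the session
    if (!is_string($sent) || empty($session['csrf'])
        || !hash_equals($session['csrf'], $sent)) {
        return [403, null];
    }
    $id = filter_var($post['id'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    return is_int($id) ? [200, $id] : [400, null];
}

/** Delete only a row owned by the caller, using a prepared statement. */
function delete_contact(PDO $db, int $id, int $userId): bool
{
    $stmt = $db->prepare('DELETE FROM contacts WHERE id = :id AND owner_id = :uid');
    $stmt->execute([':id' => $id, ':uid' => $userId]);
    return $stmt->rowCount() === 1;
}

// Constructed demo data and requests (in-memory SQLite, needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE contacts (id INTEGER PRIMARY KEY, owner_id INTEGER, first_name TEXT)');
$db->exec("INSERT INTO contacts (owner_id, first_name) VALUES (7, 'Ada'), (8, 'Bob')");
$session = ['user_id' => 7, 'csrf' => bin2hex(random_bytes(16))];
$requests = [
    ['GET',  ['id' => '1'], []],                                   // wrong method
    ['POST', ['id' => '1'], []],                                   // no session
    ['POST', ['id' => '1', 'csrf' => 'wrong'], $session],          // bad token
    ['POST', ['id' => '2', 'csrf' => $session['csrf']], $session], // another user's row
    ['POST', ['id' => '1', 'csrf' => $session['csrf']], $session], // caller's own row
];
foreach ($requests as [$method, $post, $sess]) {
    [$status, $id] = authorize_delete($method, $post, $sess);
    $deleted = $status === 200 && delete_contact($db, $id, (int) $sess['user_id']);
    printf("%-4s id=%s -> %d %s\n", $method, $post['id'], $status, $deleted ? 'deleted' : 'no change');
}
```

The same gate (session, CSRF token, validated ID, owner-scoped query) applies to 'create.php' and 'update.php'; 'index.php' needs at least the session check.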
