Online Hospital Management System Unauthorized Admin Privilege Escalation Vulnerability

Vulnerability

A vulnerability in the Online Hospital Management System version 1.0 allows unauthorized escalation to administrative privileges. The issue lies in the Registration Handler component: the registration form does not check whether the submitted username already belongs to an existing account, so an attacker who registers with the username of an existing administrator causes that administrator's stored password to be replaced with the attacker-chosen one. The flaw is exploitable remotely and requires no prior authentication; once the password has been overwritten, the attacker logs in as the administrator and obtains the full set of administrative rights and functions.

Impact

Exploitation of this vulnerability gives an unauthenticated attacker the administrator's account and with it every privilege the application reserves for system administrators, bypassing all of its access controls. A side effect is that the legitimate administrator's original password stops working, so a successful attack locks the real administrator out until the password is reset.

Reproduction

To reproduce this vulnerability on a test instance, open the registration form, enter the username of an existing administrator account, fill in a password of your choice, and submit the form. The registration handler overwrites the administrator's stored password with the submitted one without rejecting the duplicate username or performing any other verification. Then log in with the administrator's username and the password you submitted; the session carries administrative rights. As a check that the overwrite happened rather than a fresh account being created, confirm that the administrator's previous password no longer works.
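The advisory does not publish the application's source, so the following is an added illustration, not the Online Hospital Management System's own code: a hypothetical registration handler written in Python over an in-memory SQLite table that behaves the way the Vulnerability and Reproduction sections describe (an existing username is silently updated instead of rejected), placed beside a hardened handler that lets a uniqueness constraint reject the duplicate. The table layout, the seeded administrator account, and all credentials are constructed sample data; the real application's schema and language are not known from this page.

```python
import hashlib
import hmac
import os
import sqlite3

# Constructed sample data: the seeded administrator account (not from the advisory).
ADMIN_USER = "admin"
ADMIN_PASSWORD = "Correct-Horse-Battery"
PBKDF2_ROUNDS = 100_000


def hash_password(password: str, salt: bytes = b"") -> str:
    """PBKDF2-SHA256 with a per-user random salt, stored as 'salthex$digesthex'."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return f"{salt.hex()}${digest.hex()}"


def verify_password(stored: str, candidate: str) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    salt_hex, digest_hex = stored.split("$", 1)
    recomputed = hashlib.pbkdf2_hmac(
        "sha256", candidate.encode(), bytes.fromhex(salt_hex), PBKDF2_ROUNDS
    )
    return hmac.compare_digest(recomputed.hex(), digest_hex)


def new_db() -> sqlite3.Connection:
    """Hypothetical users table with one administrator already present."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT NOT NULL, role TEXT NOT NULL)"
    )
    conn.execute(
        "INSERT INTO users VALUES (?, ?, 'admin')", (ADMIN_USER, hash_password(ADMIN_PASSWORD))
    )
    conn.commit()
    return conn


def register_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Hypothetical handler with the flaw the advisory describes: when the username
    already exists it overwrites that row's password instead of rejecting the request.
    The row's role is untouched, so an overwritten administrator stays an administrator."""
    exists = conn.execute("SELECT 1 FROM users WHERE username = ?", (username,)).fetchone()
    if exists:
        conn.execute(
            "UPDATE users SET password = ? WHERE username = ?", (hash_password(password), username)
        )
    else:
        conn.execute("INSERT INTO users VALUES (?, ?, 'patient')", (username, hash_password(password)))
    conn.commit()
    return True


def register_fixed(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Hardened handler: a plain INSERT lets the PRIMARY KEY constraint reject duplicates,
    and the role is assigned server-side rather than taken from the form."""
    try:
        conn.execute("INSERT INTO users VALUES (?, ?, 'patient')", (username, hash_password(password)))
        conn.commit()
        return True
    except sqlite3.IntegrityError:
        conn.rollback()
        return False


def login(conn: sqlite3.Connection, username: str, password: str):
    """Return the account's role on a successful login, None otherwise."""
    row = conn.execute("SELECT password, role FROM users WHERE username = ?", (username,)).fetchone()
    if row and verify_password(row[0], password):
        return row[1]
    return None


def reproduce(register):
    """Run the advisory's steps against one handler. Returns a tuple of
    (registration accepted?, role when logging in with the attacker's password,
     role when logging in with the administrator's original password)."""
    conn = new_db()
    accepted = register(conn, ADMIN_USER, "attacker-chosen")
    return (
        accepted,
        login(conn, ADMIN_USER, "attacker-chosen"),
        login(conn, ADMIN_USER, ADMIN_PASSWORD),
    )


if __name__ == "__main__":
    print("vulnerable handler:", reproduce(register_vulnerable))  # (True, 'admin', None)
    print("fixed handler:     ", reproduce(register_fixed))       # (False, None, 'admin')
```

Against the vulnerable handler the attacker's registration is accepted, the attacker's password now logs in with the admin role, and the original administrator password is dead, which is exactly the lock-out side effect worth checking for during reproduction. Against the fixed handler the duplicate is refused and the administrator's credentials are unchanged. The fix is the absence of an update path in the registration code, not the constraint alone: a handler that catches the constraint error and then updates the row would reintroduce the flaw.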

Added: May 2, 2026, 2:21 PM
Updated: May 2, 2026, 2:21 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 8.3
remediation: 0.0
relevance: 7.2
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to produce these eight vulnerability categories, which are then combined into the overall risk score.