
Vulnerability of Garage Management System 1.0

About one week ago, author mayurik released Garage Management System 1.0 on https://sourcecodester.com. The web application has a lot of vulnerabilities, so let’s take a look at some of them.

Vendor Homepage: https://www.sourcecodester.com/users/mayurik 

Software Link: https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html

Version: 1.0

Test Environment: Ubuntu 22.04 + Apache2

Sample Vulnerability 1:

Vulnerability: Persistent Cross-site Scripting

Component: Parameter “brand_name” in /brand.php

Cause: There is no user input sanitization on parameter “brand_name”.

Simple PoC:

Screenshot of Exploitation:

 

Sample Vulnerability 2:

Vulnerability: SQL Injection

Component: Parameter “id” in /print.php

Cause: There is no user input sanitization on parameter “id”.

Simple PoC:

http://hostname:port/garage/print.php?id=1 '[SQL Query]

Screenshot of Exploitation:

Sample Vulnerability 3:

Vulnerability: Persistent Cross-site Scripting

Component: Parameter “name” in /client.php

Cause: There is no user input sanitization on parameter “name”.

Simple PoC:

Screenshot of Exploitation:

 

Sample Vulnerability 4:

Vulnerability: Bad Access Control

Component: Parameter “brand_name” in /brand.php

Cause: /print.php does not verify authentication and authorization.

Simple PoC:

Access http://hostname:port/print.php?id=2

Screenshot of Exploitation:
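
One way to close the issues described above for a page like /print.php, shown as an added example that is not the application's own code. The session key, database credentials, table name and column names are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical hardened handler for a page like /print.php.
// Assumed names (not from the application's source): $_SESSION['userId'],
// table `orders`, columns `client_name` / `brand_name`, DB credentials.

// Output encoding helper: neutralizes stored markup (persistent XSS)
// at the point where a value is written into HTML.
function e(?string $value): string
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

session_start();

// 1. Access control: reject the request unless a login populated the session.
//    Per-record authorization (who may print which record) is app-specific.
if (empty($_SESSION['userId'])) {
    http_response_code(401);
    exit('Login required');
}

// 2. Input validation: "id" must be a positive integer and nothing else.
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($id === null || $id === false) {
    http_response_code(400);
    exit('Invalid id');
}

// 3. Parameterized query: the value is bound, never concatenated into SQL.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$db = new mysqli('localhost', 'garage_user', 'change-me', 'garage');
$stmt = $db->prepare('SELECT client_name, brand_name FROM orders WHERE id = ?');
$stmt->bind_param('i', $id);
$stmt->execute();
$row = $stmt->get_result()->fetch_assoc();
if ($row === null) {
    http_response_code(404);
    exit('Not found');
}

// 4. Escape every stored value on output, including ones entered by staff.
echo '<tr><td>' . e($row['client_name']) . '</td>';
echo '<td>' . e($row['brand_name']) . '</td></tr>';
```

The same `e()` helper applies wherever /brand.php and /client.php render stored "brand_name" and "name" values.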
