CVE-2022-4228: bug-report/vendors/oretnom23/bsms_ci/passwd-hash at main · lithonn/bug-report

main

Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

bug-report/vendors/oretnom23/bsms_ci/passwd-hash/

Go to file

bug-report/vendors/oretnom23/bsms_ci/passwd-hash/

Latest commit

tunv0 Done update BAC and PWD vuln

833128b

Nov 17, 2022

Done update BAC and PWD vuln

833128b

Git stats

• History

Files

Permalink

Failed to load latest commit information.

Type

Name

Latest commit message

Commit time

. .

images

Update payloads, images

Nov 17, 2022

README.md

Done update BAC and PWD vuln

Nov 17, 2022

README.md

Unauthenticated Password Hash Disclosure vulnerability

Description: Vulnerability was found in SourceCodester Book Store Management System 1.0. An Unauthenticated Password Hash Disclosure vulnerability has been identified, which can be exploited to retrieve the password hashes of all existing user accounts.

The product(s): https://www.sourcecodester.com/php/15748/book-store-management-system-project-using-php-codeigniter-3-free-source-code.html

Affected product(s)/code base: https://www.sourcecodester.com/sites/default/files/download/oretnom23/bsms_ci.zip

Affected component(s): /bsms_ci/index.php/user/edit_user/{id}

Proof of Concept: Make a non-authenticated request to retrieve the admin user password hash.

[+] Payload: curl localhost/bsms_ci/index.php/user/edit_user/1

Discoverer(s)/Credits: CMCSOC Redteam (@lithonn)

• Ngo Van Tu (@leecybersec)
• Tran Thi Nho (@nhott)
• Huynh Nhat Hao (@h40huynh)
• Le Thi Huyen My (@Huy3nMy)