07sumit1002 / CabRental

The Cab Rental repository is a software system that provides a platform for individuals to rent vehicles for transportation. It is designed to offer an easy and seamless experience for users to book a ride.
https://07sumit1002.github.io/CabRental/
MIT License
31 stars 129 forks

[GENERAL] Critical Vulnerability: Login Page Misconfiguration Leading to File Exposure #319

Open 5odead opened 2 weeks ago

5odead commented 2 weeks ago

Topic: Login Page Misconfiguration Leading to File Download

Details: Security bug in the login page of Cab Rental, where the login page downloads the register.php file instead of processing the login request. This vulnerability not only exposes sensitive server-side code.

Additional context

Steps to Reproduce

  1. Navigate to the Login Page: Go to the following URL:
    https://07sumit1002.github.io/CabRental/login.html.

  2. Enter Credentials: Input any username and password in the respective fields.

  3. Submit the Form: Click the submit button to attempt logging in.

  4. Observe the Behavior: Instead of processing the login, observe that the register.php file is downloaded.
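
A pre-deploy check for the behaviour reported above, added here as an example and not taken from the issue or the CabRental repository. It assumes the login form's `action` points at `register.php` and that the site is published on static hosting that does not execute PHP; the real `login.html` markup is not shown on this page, so the sample tree and the function names are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import posixpath

# Extensions that need a server-side interpreter; a static host returns them as raw files.
SERVER_SIDE_EXTS = {".php", ".phtml", ".asp", ".aspx", ".jsp", ".cgi"}


class FormActionParser(HTMLParser):
    """Collect (method, action) for every <form> in an HTML document."""

    def __init__(self):
        super().__init__()
        self.forms = []

    def handle_starttag(self, tag, attrs):
        if tag == "form":
            a = dict(attrs)
            self.forms.append(((a.get("method") or "get").lower(), a.get("action") or ""))


def audit_static_site(files):
    """files: {relative_path: text}. Returns a sorted list of (path, finding) tuples."""
    findings = []
    for path, text in files.items():
        ext = posixpath.splitext(path)[1].lower()
        if ext in SERVER_SIDE_EXTS:
            findings.append((path, "server-side source published as a static file"))
        if ext in (".html", ".htm"):
            parser = FormActionParser()
            parser.feed(text)
            for method, action in parser.forms:
                target = urlparse(action)
                target_ext = posixpath.splitext(target.path)[1].lower()
                # Only same-site targets: a remote endpoint may legitimately run the script.
                if target_ext in SERVER_SIDE_EXTS and not target.netloc:
                    findings.append((path, f"{method.upper()} form submits to {action}"))
    return sorted(findings)


# Constructed sample tree (assumption): stands in for the published site directory.
SAMPLE_SITE = {
    "login.html": '<form action="register.php" method="post"><input name="user"></form>',
    "index.html": '<form action="https://api.example.test/search"><input name="q"></form>',
    "register.php": "<?php /* placeholder */ ?>",
}

if __name__ == "__main__":
    for path, finding in audit_static_site(SAMPLE_SITE):
        print(f"{path}: {finding}")
```

Run against the directory that is actually published, a non-empty result is a reason to fail the deploy: either move the script to a host that executes it or keep it out of the published tree.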

github-actions[bot] commented 2 weeks ago

👋 Thank you for raising an issue! We appreciate your effort in helping us improve. Our team will review it shortly. Stay tuned!

5odead commented 1 week ago

Please add gssoc-ext 24 and hacktoberfest label and level label