07sumit1002 / CabRental

The Cab Rental repository is a software system that provides a platform for individuals to rent vehicles for transportation. It is designed to offer an easy and seamless experience for users to book a ride.
https://07sumit1002.github.io/CabRental/
MIT License
34 stars 151 forks

[GENERAL] Critical Vulnerability: Signup Page Misconfiguration Leading to File Exposure #321

Open 5odead opened 1 month ago

5odead commented 1 month ago

Topic: Signup Page Misconfiguration Leading to File Download

Details: Security bug in the signup page of Cab Rental, where the signup page downloads the register.php file instead of processing the signup request. This vulnerability not only exposes sensitive server-side code but also indicates a misconfiguration that could lead to further exploitation.

Additional context

Steps to Reproduce

  1. Navigate to the Signup Page: Go to the following URL:
    https://07sumit1002.github.io/CabRental/signup.html.

  2. Enter Credentials: Input any information in the signup fields.

  3. Submit the Form: Click the submit button to attempt registering.

  4. Observe the Behavior: Instead of processing the signup, observe that the register.php file is downloaded.
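A pre-deployment check for the condition reported above, as an added example that is not part of the issue or of the CabRental code: the site is served from github.io (GitHub Pages), which is static hosting and does not execute PHP, so a form that targets a `.php` file gets the file back as-is. The function names and the sample markup and response body are constructed for illustration; the real contents of signup.html and register.php are not shown on this page.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import posixpath

# Extensions that need a server-side interpreter; a static host returns them as plain files.
SERVER_SIDE_EXT = {".php", ".asp", ".aspx", ".jsp", ".cgi"}

# Constructed sample markup (assumption: the signup form posts to register.php).
SAMPLE_HTML = """
<form action="/search"><input name="q"></form>
<form action="register.php" method="POST">
  <input name="email"><input name="password" type="password">
</form>
"""
# Constructed sample of what a static host would return for the form target.
SAMPLE_BODY = b"<?php\n$email = $_POST['email'];\n// placeholder logic\n"


class FormCollector(HTMLParser):
    """Collect (action, method) for every <form> in a document."""

    def __init__(self):
        super().__init__()
        self.forms = []

    def handle_starttag(self, tag, attrs):
        if tag == "form":
            a = dict(attrs)
            self.forms.append((a.get("action") or "", (a.get("method") or "get").lower()))


def audit_forms(html):
    """Return the forms whose action points at a server-side script."""
    parser = FormCollector()
    parser.feed(html)
    findings = []
    for action, method in parser.forms:
        # Ignore query strings and fragments; only the path decides the handler.
        ext = posixpath.splitext(urlparse(action).path)[1].lower()
        if ext in SERVER_SIDE_EXT:
            findings.append({"action": action, "method": method, "ext": ext})
    return findings


def raw_php_exposed(body):
    """True when a response still contains a PHP open tag, i.e. the script was not executed."""
    return b"<?php" in body or b"<?=" in body


if __name__ == "__main__":
    print(audit_forms(SAMPLE_HTML), raw_php_exposed(SAMPLE_BODY))
```

Run `audit_forms` over each HTML file before publishing to a static host, and `raw_php_exposed` over the response of any flagged target to confirm whether source is being returned.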

5odead commented 1 month ago

Please add gssoc-ext 24 and hacktoberfest label and level label