Script And Tools | Online-Travling-System | Broken Access Control In /admin/viewpackage.php

Hi All, 


I am Maloy Roy Orko.


Recently, during one of my pentest research projects, I found the Online-Travling-System application by Script And Tools, which is an open source online travelling system.

It is built with PHP, MySQL and JavaScript.

Curious to explore its functionality, I downloaded it and set it up on my local system.

After going through the source code, I found that /admin/viewpackage.php has no proper access control at all. The file can be accessed by anyone, even without logging in!


It can lead into:

Malware Distribution

Unauthorized Access 

Data Breach

Web Shell Installation

Reputation Damage

The main thing is, if any non-IT person uses this template, they will be exposed to this vulnerability and their company's reputation can be damaged too. That is why I am trying to inform everyone about this.

Title of the Vulnerability: 

Script And Tools | Online-Travling-System | Broken Access Control In /admin/viewpackage.php

Vulnerability Class: Broken Access Control 

Product Name: Online-Travling-System

Vendor: https://github.com/scriptandtools/

Vulnerable Product Link: https://github.com/scriptandtools/Online-Travling-System-Php

Technical Details & Description: The application source code allows /admin/viewpackage.php to be accessed without any authentication or authorization check.

Product & Service Introduction: Online-Travling-System

Observation & Exploitation: 

Here, the vulnerable file is:

/admin/viewpackage.php

Let's exploit 🌠🗝️🔐:

First, go to the vulnerable location:

Example: 192.168.0.100:8080/OTS/admin/viewpackage.php



See, you can access and view all packages for the customers without any login credentials or logging in.

So this indicates that /admin/viewpackage.php is vulnerable to Broken Access Control, as we can access an administrator feature without any authorization!
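The root cause described above is that the admin page never checks for an authenticated admin session before rendering. The following is an added example of the guard such a page should run before any output; it is not code from the Online-Travling-System repository. The session key `admin_id`, the login path `/admin/index.php` and the helper names `require_admin` and `establish_admin_session` are assumptions chosen for illustration, not names taken from the project.

```php
<?php
// Added example (not the project's own code): a deny-by-default access check
// for files under /admin/. Assumptions (not confirmed from the repository):
// the admin login page is /admin/index.php and a successful login stores the
// admin's numeric id in $_SESSION['admin_id'].
declare(strict_types=1);

// Start the session with hardened cookie flags, once per request.
function start_hardened_session(): void
{
    if (session_status() === PHP_SESSION_ACTIVE) {
        return;
    }
    session_set_cookie_params([
        'httponly' => true,                       // not readable from JavaScript
        'samesite' => 'Lax',                      // limits cross-site sending
        'secure'   => !empty($_SERVER['HTTPS']),  // HTTPS-only when available
    ]);
    session_start();
}

// Called by the login handler AFTER credentials have been verified.
// Regenerating the id prevents session fixation.
function establish_admin_session(int $adminId): void
{
    start_hardened_session();
    session_regenerate_id(true);
    $_SESSION['admin_id'] = $adminId;
}

// Guard to include at the top of every /admin/*.php file, before any HTML.
// Anything that is not a positive integer admin id is treated as "not logged
// in"; the visitor is redirected to the login page and the script stops.
function require_admin(): void
{
    start_hardened_session();

    $adminId = $_SESSION['admin_id'] ?? null;
    if (!is_int($adminId) || $adminId <= 0) {
        header('Location: /admin/index.php', true, 302);
        exit; // never fall through to the protected content
    }
}

// --- How a hardened viewpackage.php would begin -----------------------------
// The guard must run before any output, otherwise header() cannot redirect.
require_admin();

// ... existing page logic: query the packages table and render it for the
// authenticated admin. Unauthenticated requests never reach this point.
```

The important property is that the check is enforced on the server in every admin file (or a shared include), not only by hiding the link from the menu; the page in this post was reachable precisely because the file itself performed no such check.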

Conclusion :- 

The main aim of this article is to show that if any non-IT person uses this template, they will be exposed to this vulnerability and their company's reputation can be damaged too. But I also hope that it helps to give you ideas of how combining attacks can make them much more potent.
