A lack of sanity checking in Centre version 1.0 allows unprivileged users the ability to change administrator options and create new accounts.
d807a0fae0b3b4095b2aa40f70ea4d4a25e1b17df1521ae12a2acf5f9d7e285fSummary: [www.miller-group.net] The Miller Group, Inc. announces the release
of Centre, a free student information system for public and non-public
schools. Centre is a web-based, open source, student management product with
features that include scheduling, grade book, attendance, eligibility,
transcripts, and more. And, of course, student and employee information
screens are critical components of Centre.
Version: 1.0
Exploit: There is no sanity checking anywhere in Centre. In effect an
unprivileged user can change administrator options and could lead to
privilege escalation. This includes but is not limited to creating new
accounts:
http://demo.miller-group.net/index.php?modfunc=create_account&staff&username=admin&staff_id=new
There is also improper checking in the modules.php file this could allow PHP
script injection. No validation is done on the module path.
Fix: Disable centre until an update is released (the problems are too
extensive).
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed