IDOR On ProConf Peer-Review And Conference Management 6.0 File Disclosure

2018.09.07

Credit: S. M. Zia Ur Rashid

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2018-16606

CWE: CWE-200

CVSS Base Score: 4/10

Impact Subscore: 2.9/10

Exploitability Subscore: 8/10

Exploit range: Remote

Attack complexity: Low

Authentication: Single time

Confidentiality impact: Partial

Integrity impact: None

Availability impact: None

*Exploit Title:* IDOR on ProConf Peer-Review and Conference Management System
*Date:* 19/07/2018
*Exploit Author:* S. M. Zia Ur Rashid
*Author Contact:* https://www.linkedin.com/in/ziaurrashid/
*Vendor Homepage:* http://proconf.org & http://myproconf.org
*Affected Version:* <= 6.0
*Patched Version:* 6.1
*CVE ID:* CVE-2018-16606
*Description:*
In ProConf before 6.1, an Insecure Direct Object Reference (IDOR) allows
any author to view and grab all submitted papers (Title and Abstract) and
their authors' personal information (Name, Email, Organization, and
Position) by changing the value of Paper ID (the pid parameter).
PROOF-OF-CONCEPT
Step 1: Sign In as an author for a conference & submit a paper. Youall get
a paper ID.
Step 2: Now go to paper details and change the value of Paper ID (param
pid=xxxx) to nearest previous value to view others submitted paper &
authors information.
http:// <http:>
[host]/conferences/[conference-name]/author/show_paper_details.php?pid=xxxx

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

IDOR On ProConf Peer-Review And Conference Management 6.0 File Disclosure

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.