Proof-of-vulnerability.md

BUG_Author:
BinXiang Wei

Vendor:
https://www.kaoshifeng.com/

Vulnerability File:
https://school.yfhl.net/#/login

Affected product name:
Beijing Yunfan Internet Technology Co., Ltd. Yunfan Learning Examination System

Affected version: V6.5

Root cause:
Due to a logic error in password verification, it is possible for any user to log in.

Proof of vulnerability:

1. Access https://school.yfhl.net/#/login

2. Log in using the admin account and fill in any password

3. Because the front end requires a password to be entered, intercept the login request and set the password value to null

4. Forward the modified request; verification is bypassed and the login to the management backend succeeds
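The behaviour above is consistent with a server-side check that only compares the password when one is present. The following is an added example, not code from the affected product (whose source the page does not show): `verify_weak` is a hypothetical pattern that reproduces the symptom, `verify_strict` is a fail-closed form, and the user store, password and request bodies are all constructed.

```python
import hashlib
import hmac
import json
import os

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)

# Constructed user store (username -> salt, password hash); not the product's data.
_SALT = os.urandom(16)
USERS = {"admin": (_SALT, _hash("constructed-Passw0rd!", _SALT))}

def verify_weak(body: dict) -> bool:
    """Hypothetical flawed check: the comparison runs only if a password is present."""
    user = USERS.get(body.get("username"))
    if user is None:
        return False
    password = body.get("password")
    if password:  # null, missing or empty skips the comparison ...
        salt, stored = user
        if not hmac.compare_digest(_hash(password, salt), stored):
            return False
    return True  # ... and execution falls through to success

def verify_strict(body: dict) -> bool:
    """Fail closed: True is returned only from the branch where the hash matched."""
    username, password = body.get("username"), body.get("password")
    if not isinstance(username, str) or not isinstance(password, str) or not password:
        return False  # reject null/missing/empty on the server, whatever the front end does
    user = USERS.get(username)
    if user is None:
        return False
    salt, stored = user
    return hmac.compare_digest(_hash(password, salt), stored)

# Constructed login request bodies, including the null-password case from step 3.
CASES = {
    "correct": '{"username": "admin", "password": "constructed-Passw0rd!"}',
    "wrong": '{"username": "admin", "password": "guess"}',
    "null": '{"username": "admin", "password": null}',
    "missing": '{"username": "admin"}',
    "empty": '{"username": "admin", "password": ""}',
}

def run_cases(verify) -> dict:
    """Run every constructed body through a verifier; usable as a regression test."""
    return {name: verify(json.loads(raw)) for name, raw in CASES.items()}
```

Running `run_cases` against the real login handler's verifier in a test suite catches a regression of this class before release.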