Employee Leaves Management System v.1.0 POC
VENDOR : CHANGE-PASSWORD
CREDENTIALS
Login details for employee
Email id: anuj@gmail.com
Password: Test@123
Empid: EMP10806121 (in case of password recovery)
For admin login, click on the admin login, then provide the username and password
Email id: admin
Password: Test@12345
STEPS_TO_REPRODUCE
1. Log in to the admin account with the credentials above.
2. From the left panel select `Change Password`; you will be redirected to this URL: `http://localhost/elms/admin/changepassword.php`
3. Change the password to the same password, or to a value such as `1`. The application accepts it and updates the password, so no strong password policy is enforced.
BURPSUITE-POST-REQUEST
POST /elms/admin/changepassword.php HTTP/1.1
Host: localhost
Content-Length: 59
Cache-Control: max-age=0
sec-ch-ua: "Chromium";v="109", "Not_A Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
Origin: http://localhost
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.120 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: http://localhost/elms/admin/changepassword.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=bu0g9j3135ic7o94e97p448c43
Connection: close

password=Test@12345&newpassword=1&confirmpassword=1&change=
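
A server-side check that would reject both inputs described in step 3, as an added example (not code from ELMS or its vendor). The field names are taken from the captured request; the function name, the 12-character minimum and the small deny-list are assumptions.

```php
<?php
// Added example, not ELMS code. Field names (password, newpassword,
// confirmpassword) come from the captured request; everything else is assumed.

const MIN_LENGTH = 12;                                             // assumed minimum
const DENY_LIST  = ['password1234', '123456789012', 'qwertyuiop12']; // constructed sample

/** Returns the list of policy violations; an empty array means "accept". */
function check_new_password(string $current, string $new, string $confirm): array
{
    $errors = [];
    if ($new !== $confirm) {
        $errors[] = 'confirmation does not match';
    }
    if ($new === $current) {
        $errors[] = 'new password must differ from the current one';
    }
    if (strlen($new) < MIN_LENGTH) {
        $errors[] = 'shorter than ' . MIN_LENGTH . ' characters';
    }
    if (in_array(strtolower($new), DENY_LIST, true)) {
        $errors[] = 'on the deny-list of common passwords';
    }
    return $errors;
}

// Constructed inputs: the body from the request above, and the
// "same password again" case from step 3.
$bodies = [
    'password=Test@12345&newpassword=1&confirmpassword=1&change=',
    'password=Test@12345&newpassword=Test@12345&confirmpassword=Test@12345&change=',
];

foreach ($bodies as $body) {
    parse_str($body, $post);   // stands in for $_POST
    $errors = check_new_password(
        $post['password'] ?? '',
        $post['newpassword'] ?? '',
        $post['confirmpassword'] ?? ''
    );
    // Only update the stored password when $errors is empty.
    echo $post['newpassword'], ' => ',
         $errors ? 'REJECT: ' . implode('; ', $errors) : 'ACCEPT', PHP_EOL;
}
```

The check has to run in the handler for `changepassword.php` itself, since a request sent directly (as in the capture above) bypasses any validation done in the browser.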
VIDEO-POC
ELMS-POC-change-password.mp4