CloudClassroom-PHP-Project v1.0 is affected by an insecure credential transmission vulnerability. The application transmits passwords over unencrypted HTTP during the login process, exposing sensitive credentials to potential interception by network-based attackers. A remote attacker with access to the same network (e.g., public Wi-Fi or compromised router) can capture login credentials via Man-in-the-Middle (MitM) techniques. If the attacker subsequently uses the credentials to log in and exploit administrative functions (e.g., file upload), this may lead to remote code execution depending on the environment.
The application does not use TLS/HTTPS encryption when transmitting the login form, which means that passwords are sent as plain text over the network. An attacker present on the same network (e.g., public Wi-Fi or compromised router) can perform a Man-in-the-Middle (MitM) attack and intercept transmitted authentication data. After obtaining login credentials, the attacker can log into the application and exploit available administrative functions — in particular the file upload function — which depending on the environment configuration may lead to remote code execution (RCE).
An attacker can intercept user login credentials, take over their accounts, and in case of obtaining administrative access — lead to remote code execution on the server, resulting in complete breach of system confidentiality, integrity, and availability.
The application should be configured to handle only HTTPS connections with a valid TLS certificate and disable access through unencrypted HTTP. Patches available from the vendor should be applied according to references. As an interim remedial measure, it is recommended to place the application behind a reverse proxy enforcing HTTPS (e.g., nginx, Apache) and consider implementing HTTP Strict Transport Security (HSTS).
CloudClassroom-PHP-Project v1.0 (project by Vishalmathur)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HVishalmathur Cloudclassroom PHP Project
APPVishalmathur1.0
Related vulnerabilities
SQL Injection w CloudClassroom-PHP — plik askquery.php
SQL Injection w CloudClassroom-PHP — ominięcie uwierzytelnienia admina
SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass para...
A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0....
CloudClassroom-PHP Project v1.0 was discovered to contain a SQL injection vulnerability via the viewid paramet...