Account Takeover Via Modifying Email ID — CodeIgniter Framework Through 3.0.0

2 min read, Mar 21, 2020

Hello members, I am Vishal Bharad. I work as a security researcher and am pursuing OSCP. Here I am back with another interesting blog on full account takeover via modifying email ID.

Vulnerable Product — CodeIgniter 3.0.0 (Authentication) Web Application Framework

Vulnerability Type — Insecure Permissions

Affected Component — Login page form.

Attack Type — Remote

Impact — Escalation of Privileges: true

The affected component is one of the many simple, fast and lightweight authentication libraries available for CodeIgniter. Its advertised features:

Features:
- Add user
- Delete user
- Ban, unban user
- Register new user (token sent by email)
- Forgot password
- Role / user level — Vulnerable Feature
- Edit user profile
- Gravatar user profile
- reCAPTCHA by Google
- And much more

Core Authentication Features

  • User Authentication (User Login)
  • Access Granted by Level / Role — Vulnerable Feature
  • Access Granted by Role Group — Vulnerable Feature
  • ACL for Finer Controlled Permissions
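The post does not spell out the request that changes the email, so the following is an added example of the defensive pattern a profile-edit handler needs, not code from the affected library or from the author. It is a hypothetical CodeIgniter 3 controller named `Profile`; the `users` table (columns `id`, `email`, `role`), the `email_changes` table (columns `user_id`, `new_email`, `token_hash`, `expires_at`) and the `profile/confirm_email` route are all assumptions. The three points it demonstrates are the ones the feature list above makes relevant: the account being edited is taken from the session rather than the request, the role/level field is never accepted from user input, and a new email address is neither allowed to collide with another account nor applied until a token sent to that address comes back.

```php
<?php
defined('BASEPATH') OR exit('No direct script access allowed');

// Hypothetical CodeIgniter 3 controller (added example, not the affected library's code).
// Assumed schema: users(id, email, role) and email_changes(user_id, new_email, token_hash, expires_at).
class Profile extends CI_Controller
{
    public function __construct()
    {
        parent::__construct();
        $this->load->database();
        $this->load->library(['session', 'email']);
        $this->load->helper('url');
    }

    // Step 1: request an email change. The change is NOT applied here.
    public function change_email()
    {
        // Identity comes from the server-side session, never from a posted id,
        // so one user cannot edit another account's profile.
        $user_id = $this->session->userdata('user_id');
        if (!$user_id) {
            show_error('Login required', 401);
        }

        // Only the email field is read. The role/level column is never taken
        // from input; mass-assigning a posted "role" is how the level/role
        // feature turns into a privilege-escalation path.
        $new_email = trim((string) $this->input->post('email', TRUE));
        if (filter_var($new_email, FILTER_VALIDATE_EMAIL) === false) {
            show_error('Invalid email address', 400);
        }

        // Reject an address already owned by any other account. Without this
        // check two accounts can share one address, and every email-keyed flow
        // (login, forgot password) can no longer tell them apart.
        $owner = $this->db->where('email', $new_email)->get('users')->row();
        if ($owner !== NULL && (int) $owner->id !== (int) $user_id) {
            show_error('Email address already in use', 409);
        }

        // One-time token; only its hash is stored, and it expires in an hour.
        $token = bin2hex(random_bytes(32));
        $this->db->insert('email_changes', [
            'user_id'    => $user_id,
            'new_email'  => $new_email,
            'token_hash' => hash('sha256', $token),
            'expires_at' => date('Y-m-d H:i:s', time() + 3600),
        ]);

        // The confirmation link goes to the NEW address, so only whoever
        // controls that mailbox can complete the change.
        $this->email->to($new_email);
        $this->email->subject('Confirm your new email address');
        $this->email->message(site_url('profile/confirm_email/' . $token));
        $this->email->send();

        redirect('profile');
    }

    // Step 2: apply the change only when the token from the new mailbox comes back.
    public function confirm_email($token)
    {
        $user_id = $this->session->userdata('user_id');
        if (!$user_id || !ctype_xdigit($token)) {
            show_error('Invalid request', 400);
        }

        $pending = $this->db
            ->where('user_id', $user_id)
            ->where('token_hash', hash('sha256', $token))
            ->where('expires_at >', date('Y-m-d H:i:s'))
            ->get('email_changes')->row();
        if ($pending === NULL) {
            show_error('Invalid or expired token', 400);
        }

        // Re-check uniqueness at confirmation time: the address may have been
        // registered by someone else while the token was outstanding.
        $clash = $this->db->where('email', $pending->new_email)
                          ->where('id !=', $user_id)->get('users')->row();
        if ($clash !== NULL) {
            show_error('Email address already in use', 409);
        }

        $this->db->where('id', $user_id)->update('users', ['email' => $pending->new_email]);
        $this->db->where('user_id', $user_id)->delete('email_changes');

        redirect('profile');
    }
}
```

The same two checks (session-bound identity and server-side uniqueness) apply to any other endpoint that writes the `email` column, including an admin "edit user" form; if the library exposes several such paths, each one needs them, since the weakest path decides whether an account can be taken over.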


Written by Vishal Bharad

Penetration Tester, Bug Bounty Hunter, Security Researcher