Summary
Unchecked Input for Loop Condition vulnerability in `php/submit.php` allows authenticated remote attackers to perform Denial-of-Service attacks via the `multi` parameter.
Details
The `multi` parameter is not checked before it is used as a loop bound, so it can be very large.
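```php
// php/submit.php, line 26 (f53e452)
$multi = $_POST["multi"] ?? false;

// php/submit.php, lines 87 to 90 (f53e452)
if ($multi) {
    for ($idx = 0; $idx < $multi; $idx++) {
        $rows[$idx] = $idx + 1;
    }

// php/submit.php, line 103 (f53e452); the loop body is not shown in this report
foreach ($rows as $idx) {
```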
PoC
POST `param=ADD&multi=100000` to https://openflights.org/php/submit.php (or several requests at the same time if a single request is not enough). Then observe degraded performance or even completely denied access to the service.
Impact
Authenticated remote attackers can degrade the performance of the server or even completely deny access to legitimate users.
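One way to bound `multi` before it reaches the loop, shown as an added example (not OpenFlights' own code or fix). `parse_multi` and `MAX_MULTI` are hypothetical names, and the cap of 50 is an assumed value because the report does not state how many rows a legitimate request needs.

```php
<?php
declare(strict_types=1);

// Assumed cap (not from the report): tune to the largest legitimate batch.
const MAX_MULTI = 50;

/**
 * Returns the validated row count (0 when "multi" is absent or empty),
 * or null when the value must be rejected.
 */
function parse_multi(array $post, int $max = MAX_MULTI): ?int
{
    if (!isset($post['multi']) || $post['multi'] === '') {
        return 0; // single-row request, same as the original falsy case
    }
    if (!is_string($post['multi'])) {
        return null; // e.g. multi[]=1 arrives as an array
    }
    // Strict integer parse with an explicit range; "1e5", "-1" and
    // anything above the cap all fail here.
    $n = filter_var($post['multi'], FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => $max]]);
    return $n === false ? null : $n;
}

// Constructed sample inputs, including the value used in the PoC.
$samples = [
    [],
    ['multi' => '3'],
    ['multi' => '100000'],
    ['multi' => '1e5'],
    ['multi' => '-1'],
    ['multi' => ['1']],
];

foreach ($samples as $post) {
    $multi = parse_multi($post);
    if ($multi === null) {
        // In the real handler: send HTTP 400 and exit before any loop runs.
        echo json_encode($post), " => rejected\n";
        continue;
    }
    // Same result as the original for-loop: $rows = [1, 2, ..., $multi].
    $rows = $multi > 0 ? range(1, $multi) : [];
    echo json_encode($post), ' => ', count($rows), " row(s)\n";
}
```

In the handler itself, the call would take `$_POST` and the rejection branch would end the request before the `for` and `foreach` loops are reached.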