CVE-2020-36064
📋 TL;DR
Online Course Registration v1.0, a free PHP web application distributed through sourcecodester.com, ships with administrator credentials written as literals in its source code. Because the package is publicly downloadable, anyone who can reach the login page can read those credentials from the source and sign in to the administrative control panel; no further exploit is needed. Every installation of this version is affected, since the same credentials are baked into every copy. The vulnerability is particularly dangerous because it hands an unauthenticated remote attacker the full set of administrative functions.
💻 Affected Systems
- Online Course Registration v1.0 (the PHP package distributed via sourcecodester.com)
📦 What is this software?
Online Course Registration by the Online Course Registration Project: a free, downloadable PHP web application for managing student course enrolment, published on sourcecodester.com and typically deployed on a standard PHP web stack.
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of the application with administrative privileges, allowing data theft, modification of course registrations, user account takeover, and potential server compromise if the application has elevated permissions.
Likely Case
Unauthorized access to administrative functions, manipulation of course data, exposure of student information, and potential privilege escalation within the application.
If Mitigated
Limited impact if application is isolated, uses proper network segmentation, and has additional authentication layers beyond the vulnerable control panel.
🎯 Exploit Status
Exploitation needs nothing more than the credentials and a browser pointed at the admin login. The credentials can be read from the freely downloadable source package (or, where the deployment is unchanged, tried as known defaults); no memory corruption, tooling or chained bug is involved. The GitHub issue listed under References is the public disclosure.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown (no fixed release is known)
Vendor Advisory: None available
Restart Required: No
Instructions (there is no vendor patch; the fix is a code change to the deployed copy):
1. Take the code that is actually deployed (the same package distributed via sourcecodester.com) and work on a staging copy first
2. Search the PHP files for the hardcoded administrator check: string literals compared directly against the submitted username and password fields
3. Replace that comparison with a lookup of the admin account in the database, using a prepared statement
4. Store only a password_hash() digest of a password chosen at install time and check it with password_verify(); keep neither the plaintext nor the hash in source
5. Deploy the updated code, then set a new administrator password and invalidate existing sessions, since the old credentials must be treated as public
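The procedure above carried through as an added example. This is illustrative code written for this page, not code from the Online Course Registration project: a hypothetical hardcoded check of the kind the CVE describes, beside a database-backed replacement that stores only a password_hash() digest and verifies with password_verify(). The literal credentials, the admin_users table and its columns, and the use of an in-memory SQLite database (pdo_sqlite) as a stand-in for the application's real database are all assumptions.

```php
<?php
// Added example, not code from the Online Course Registration project.
// The credentials, the admin_users table and its columns are hypothetical;
// SQLite in memory stands in for the application's real database.

declare(strict_types=1);

// --- Vulnerable pattern (hypothetical) ---------------------------------------------
// Username and password are string literals in the source. Anyone who downloads the
// package can read them, every installation shares them, and they cannot be changed
// without editing code.
function vulnerable_admin_login(string $user, string $pass): bool
{
    return $user === 'admin' && $pass === 'admin123';   // hardcoded credential
}

// --- Hardened replacement ------------------------------------------------------------
function secure_admin_login(PDO $db, string $user, string $pass): bool
{
    // One dummy hash, built lazily, so an unknown username still costs a
    // password_verify() and response time does not reveal whether the account exists.
    static $dummyHash = null;
    if ($dummyHash === null) {
        $dummyHash = password_hash(bin2hex(random_bytes(16)), PASSWORD_DEFAULT);
    }

    // Prepared statement: the username never touches the SQL text.
    $stmt = $db->prepare('SELECT password_hash FROM admin_users WHERE username = :u');
    $stmt->execute([':u' => $user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    $hash = ($row !== false) ? $row['password_hash'] : $dummyHash;
    $ok   = password_verify($pass, $hash) && $row !== false;

    // Transparently upgrade the stored digest when the default cost/algorithm changes.
    if ($ok && password_needs_rehash($row['password_hash'], PASSWORD_DEFAULT)) {
        $upd = $db->prepare('UPDATE admin_users SET password_hash = :h WHERE username = :u');
        $upd->execute([':h' => password_hash($pass, PASSWORD_DEFAULT), ':u' => $user]);
    }
    return $ok;
}

// --- Demonstration against an in-memory SQLite table ---------------------------------
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE admin_users (username TEXT PRIMARY KEY, password_hash TEXT NOT NULL)');

// Provisioning: the admin password is chosen per deployment; only its hash is stored.
$deployTimePassword = 'chosen-at-install-' . bin2hex(random_bytes(4));
$ins = $db->prepare('INSERT INTO admin_users (username, password_hash) VALUES (:u, :h)');
$ins->execute([':u' => 'admin', ':h' => password_hash($deployTimePassword, PASSWORD_DEFAULT)]);

$cases = [
    ['admin',  'admin123'],            // the credential anyone can read from the source
    ['admin',  $deployTimePassword],   // the real, per-deployment password
    ['nobody', $deployTimePassword],   // unknown account
];
foreach ($cases as [$u, $p]) {
    printf("%-8s vulnerable=%-5s secure=%s\n", $u,
        var_export(vulnerable_admin_login($u, $p), true),
        var_export(secure_admin_login($db, $u, $p), true));
}
```

The point of the dummy hash is that the secure path does the same amount of work whether or not the username exists; without it, a fast "unknown user" reply lets an attacker enumerate admin account names before trying passwords. On a real deployment the INSERT above corresponds to the install step that sets the first admin password, and the login handler should additionally call session_regenerate_id(true) after a successful check.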
🔧 Temporary Workarounds
Remove Hardcoded Credentials
Manually locate the hardcoded username/password comparison in the PHP source and replace it with a database-backed check. A recursive search that actually descends into subdirectories (a bare `*.php` glob only matches files in the current directory):
grep -rniE --include='*.php' 'password|passwd|admin' .
A blind text substitution (for example swapping the password literal for a hash literal with sed) is not a fix: a hash embedded in the source is still a shared, non-rotatable credential that every copy of the package exposes and that can be cracked offline. The comparison itself has to go, and the login handler must verify against a per-installation hash stored in the database.
Implement Additional Authentication
Restrict the control panel to trusted source addresses at the web server or reverse proxy (an allow-list of administrator IPs on the admin directory), or front it with a separate authentication layer such as HTTP basic authentication or an SSO proxy that enforces multi-factor authentication. The application's own login cannot be trusted until the credential check is rewritten, so the extra layer must sit in front of it, not behind it.
🧯 If You Can't Patch
- Isolate the application behind a VPN or internal network only
- Implement web application firewall rules to block access to control panel paths
🔍 How to Verify
Check if Vulnerable:
Search the deployed source for literal credentials compared against login input, recursing into subdirectories: grep -rniE --include='*.php' 'password|passwd|admin' . and then read the login handler that the matches point to; a string literal compared with the submitted username or password field is the vulnerable pattern.
Check Version:
Check application documentation or source code comments for version information
Verify Fix Applied:
On a staging copy, attempt to authenticate with the credentials that were found in the source; after the fix they must be rejected, and the login handler must contain no literal credentials. Confirm as well that the production admin password has been changed, since the old one is effectively public.
📡 Detection & Monitoring
Log Indicators:
- A successful administrative login from a client with no prior history with the application (hardcoded credentials are known in advance, so an attacker typically succeeds on the first attempt rather than after a burst of failures)
- Administrative access from unexpected source addresses, networks or times of day
- Control-panel pages served with HTTP 200 to a client that shows no preceding login request
Network Indicators:
- HTTP requests to admin/control panel paths without preceding login sequences
- Traffic patterns showing administrative functions from non-admin users
SIEM Query:
source="web_logs" status=200 (uri_path="/admin/*" OR uri_path="/control/*") | stats count AS admin_requests dc(uri_path) AS distinct_pages min(_time) AS first_seen by src_ip | where NOT cidrmatch("10.0.0.0/8", src_ip)
(The admin path prefixes and the 10.0.0.0/8 trusted range are placeholders: substitute the deployed application's actual control-panel path and the networks your administrators use. The original form of this query keyed on a user-agent string, which an attacker controls and which therefore carries no signal.)
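The indicators above turned into runnable detection logic, as an added example that is not part of the original advisory or the project. It replays web-server access-log lines and raises two alerts: control-panel pages served to a client with no preceding login POST, and administrative logins from addresses outside an allow-list. The paths (/admin/login.php and the /admin/ prefix), the assumption that this application answers a successful login with a 302 redirect and a failed one with a 200 re-render, the trusted address and the five sample log lines are all constructed for this example.

```php
<?php
// Added example, not from the original advisory or the project: replays access-log
// lines and flags the two indicators listed above. Paths, the trusted address and the
// sample log lines are constructed placeholders; substitute the deployed app's values.

declare(strict_types=1);

const LOGIN_PATH   = '/admin/login.php';   // assumed login handler path
const ADMIN_PREFIX = '/admin/';            // assumed control-panel path prefix

// Combined log format: client - user [timestamp] "METHOD path HTTP/x" status bytes ...
const LOG_RE = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) /';

function parse_line(string $line): ?array
{
    if (!preg_match(LOG_RE, $line, $m)) {
        return null;                                 // not a request line we understand
    }
    return [
        'ip'     => $m[1],
        'ts'     => $m[2],
        'method' => $m[3],
        'path'   => explode('?', $m[4], 2)[0],       // drop the query string
        'status' => (int) $m[5],
    ];
}

function is_admin_path(string $path): bool
{
    return strncmp($path, ADMIN_PREFIX, strlen(ADMIN_PREFIX)) === 0;
}

/**
 * @param string[] $lines      access-log lines in time order
 * @param string[] $trustedIps clients allowed to use the control panel
 * @return string[] one alert per suspicious request
 */
function detect_admin_abuse(array $lines, array $trustedIps): array
{
    $loggedIn = [];   // ip => true once a login POST was answered with a redirect
    $alerts   = [];

    foreach ($lines as $line) {
        $r = parse_line($line);
        if ($r === null) {
            continue;
        }

        if ($r['method'] === 'POST' && $r['path'] === LOGIN_PATH) {
            // Assumption: 302 means the login succeeded, 200 means the form was
            // re-rendered with an error. Check the real handler before relying on this.
            if ($r['status'] === 302) {
                $loggedIn[$r['ip']] = true;
                if (!in_array($r['ip'], $trustedIps, true)) {
                    $alerts[] = "{$r['ts']} {$r['ip']}: admin login from untrusted address";
                }
            }
            continue;
        }

        if (is_admin_path($r['path']) && $r['path'] !== LOGIN_PATH
            && $r['status'] === 200 && !isset($loggedIn[$r['ip']])) {
            $alerts[] = "{$r['ts']} {$r['ip']}: {$r['method']} {$r['path']} with no prior login";
        }
    }
    return $alerts;
}

// Constructed sample: a trusted admin logs in normally; an outside client logs in on the
// first try (hardcoded credentials need only one POST); a third client hits the panel
// directly without logging in at all.
$sample = [
    '10.0.0.5 - - [10/Mar/2021:09:00:01 +0000] "POST /admin/login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '10.0.0.5 - - [10/Mar/2021:09:00:02 +0000] "GET /admin/dashboard.php HTTP/1.1" 200 4210 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Mar/2021:09:05:10 +0000] "POST /admin/login.php HTTP/1.1" 302 0 "-" "curl/7.68.0"',
    '203.0.113.9 - - [10/Mar/2021:09:05:11 +0000] "GET /admin/students.php HTTP/1.1" 200 9000 "-" "curl/7.68.0"',
    '198.51.100.7 - - [10/Mar/2021:09:07:30 +0000] "GET /admin/dashboard.php HTTP/1.1" 200 4210 "-" "python-requests/2.25"',
];

foreach (detect_admin_abuse($sample, ['10.0.0.5']) as $alert) {
    echo $alert, PHP_EOL;
}
```

Run it against a real log with `php detect.php < access.log` after replacing the sample array with lines read from STDIN. The allow-list check is the one that actually catches this CVE: an attacker using the hardcoded credentials performs a perfectly normal login, so only the source address, the timing and the absence of any earlier interaction with the site distinguish them from a legitimate administrator.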
🔗 References
- https://github.com/VivekPanday12/CVE-/issues/2
- https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/
- https://www.sourcecodester.com
- https://www.sourcecodester.com/sites/default/files/download/razormist/online-course-registration.zip