openSIS <= 7.4 Incorrect Access Control Vulnerabilities  
[-] Software Link:  
[-] Affected Versions:  
Version 7.4 and prior versions.  
[-] Vulnerabilities Description:  
The application prevents unauthenticated access to its functionalities   
by including  
the 'RedirectIncludes.php', 'RedirectModules.php', and   
'RedirectRootInc.php' scripts,  
which implement the access control logic by using the following code:  
header('Location: ../../../index.php');  
This can be easily bypassed by appending /index.php at the end of the   
URL, and can  
be exploited by unauthenticated attackers to potentially access any   
functionality which should require the user to be authenticated.  
[-] Solution:  
No official solution is currently available.  
[-] Disclosure Timeline:  
[04/11/2019] - Vendor notified  
[04/11/2019] - Vendor acknowledgement  
[10/01/2020] - Vendor contacted again asking for updates  
[15/01/2020] - Vendor replied they would need a few examples  
[20/01/2020] - Told the vendor they could use the PoC I sent them in   
[05/02/2020] - Vendor asked for a video recording to demonstrate the   
[06/02/2020] - Proof of Concept video sent to the vendor  
[03/03/2020] - Vendor contacted again asking for updates  
[04/03/2020] - Vendor replied "we just have to wait a little longer"  
[25/04/2020] - Version 7.4 released, vulnerabilities still not fixed  
[22/05/2020] - CVE number assigned  
[30/06/2020] - Public disclosure  
[-] CVE Reference:  
The Common Vulnerabilities and Exposures project (  
has assigned the name CVE-2020-13382 to these vulnerabilities.  
[-] Credits:  
Vulnerabilities discovered by Egidio Romano.  
[-] Original Advisory: