# Exploit Title: compop.ca 3.5.3 - Arbitrary code Execution # Google Dork: Terms of Use inurl:compop.vip # Date: 22/12/2024 # Exploit Author: dmlino # Vendor Homepage: https://www.compop.ca/ # Version: 3.5.3 # CVE : CVE-2024-48445 The restaurant management system implements authentication using a Unix timestamp parameter ("ts") in the URL. This implementation is vulnerable to manipulation as it relies solely on time-based validation without proper authentication mechanisms. Technical Details: The application uses a URL parameter "ts" which accepts a Unix timestamp value. Steps: 1. Find a vulnerable restaurant. 2. Get the current time in the UNIX format: Linux: $date +%s Windows Powershell: [int](Get-Date -UFormat %s -Millisecond 0) 3. Replace parameter in url with the new value