CWE-914: Improper Control of Dynamically-Identified Variables
Weakness ID: 914
The software does not properly restrict reading from or writing to dynamically-identified variables.
Many languages offer powerful features that allow the programmer to access arbitrary variables that are specified by an input string. While these features can offer significant flexibility and reduce development time, they can be extremely dangerous if attackers can modify unintended variables that have security implications.
Time of Introduction
Architecture and Design
Technical Impact: Modify application
An attacker could modify sensitive data or program variables.
Technical Impact: Execute unauthorized code or
Technical Impact: Varies by context; Alter execution
This code uses the credentials sent in a POST request to login a
//Log user in, and set $isAdmin to true if user is an
The call to extract() will overwrite the existing values of any
variables defined previously, in this case $isAdmin. An attacker can
send a POST request with an unexpected third value "isAdmin" equal to
"true", thus gaining Admin privileges.