Security
Headlines
HeadlinesLatestCVEs

Headline

Gaati Track 1.0-2023 Insecure Direct Object Reference

Gaati Track version 1.0-2023 suffers from an insecure direct object reference vulnerability.

Packet Storm
#vulnerability#windows#google#php#auth#firefox
====================================================================================================================================| # Title     : Gaati track v1.0-2023 IDOR Vulnerability                                                                           || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://www.mayurik.com/source-code/P0998/best-courier-management-system-project-in-php                            |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Direct Object Reference : suffers from an insecure direct object reference that allows users to access the administrative interface.[+] use payload : /new_user.php                 /branch_list.php         /parcel_list.php         /reports.php         /sidebar.php         /staff_list.php[+] https://www/127.0.0.1/ks50.karnataka.govin/sidebar.phpGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

Packet Storm: Latest News

Ubuntu Security Notice USN-7121-3