免费、自由、人人(PwnWiki.Com)可编辑的漏洞库
,
# Exploit Title: Phone Shop Sales Managements System 1.0 - Insecure Direct Object Reference (IDOR) # Date: 21/06/2021 # Exploit Author: Pratik Khalane # Vendor Homepage: https://www.sourcecodester.com/ # Software Link: https://www.sourcecodester.com/php/10882/phone-shop-sales-managements-system.html # Version: 1.0 # Tested on: Windows 10 Pro Vulnerability Details ====================== Steps : 1) Log in to the application with the given credentials Username: kwizera Password: 12345 2) Navigate to Invoice and Click on Print Invoice. 3)In /Invoice.php?id=3005, modify the id Parameter to View User details, Address, Payments, Phone number, and Email of other Users
PWNWIK.COM==免费、自由、人人可编辑的漏洞库
