إرسال #596472: Script And Tools Real-Estate-Management-System 1.0 Insecure Direct Object Reference (IDOR)المعلومات

عنوان	Script And Tools Real-Estate-Management-System 1.0 Insecure Direct Object Reference (IDOR)
الوصف	#Title of the Vulnerability: Script and Tools \| Real Estate Management System V 1.0 \| userdelete.php \| IDOR #Vulnerability Class: Insecure Direct Object Reference (IDOR) #Product Name: Real Estate Management System #Version: 1.0 #Vendor: https://github.com/scriptandtools/ #Vulnerable Product Link: https://github.com/scriptandtools/Real-Estate-website-in-PHP #Technical Details & Description: The application source code is coded in a way which allows : Insecure Direct Object Reference. #Product & Service Introduction: Real Estate Management System (Version-1.0) #Vulnerable File Is: userdelete.php #Reproduction: (1) Choose which user account you want to delete and get his ID (2) Set his user id here: http://vuln-site/reali/admin/userdelete.php?id=ID (3) Hit this url and his account will be deleted!
المصدر	⚠️ https://www.websecurityinsights.my.id/2025/06/script-and-tools-real-estate-management.html?m=1
المستخدم	MaloyRoyOrko (UID 79572)
ارسال	13/06/2025 06:28 AM (10 أشهر منذ)
الاعتدال	19/06/2025 12:10 PM (6 days later)
الحالة	تمت الموافقة
إدخال VulDB	313325 [ScriptAndTools Real Estate Management System 1.0 User Delete userdelete.php معرف تجاوز الصلاحيات]
النقاط	20

Want to know what is going to be exploited?

We predict KEV entries!