| Title | code-projects Invoice System in Laravel 1.0 Insecure Direct Object Reference (IDOR) |
|---|---|
| Description | The profile workflow uses a user-controlled id in the route and fails to verify that the requested profile belongs to the authenticated user. This allows an attacker to view or modify any user's profile data by simply changing the ID in the URL. |
| Source | ⚠️ https://gist.github.com/higordiego/9b5f076d7f651e45c0f30ae14bab3b4e |
| User | c4ttr4ck (UID 75518) |
| Submission | 09/04/2026 12:17 AM (19 days ago) |
| Moderation | 26/04/2026 10:49 AM (17 days later) |
| Status | Accepted |
| VulDB Entry | 359667 [code-projects Invoice System in Laravel 1.0 Profile /profile/ id privilege escalation] |
| Points | 16 |