| शीर्षक | code-projects Invoice System in Laravel 1.0 Insecure Direct Object Reference (IDOR) |
|---|
| विवरण | The profile workflow uses a user-controlled id in the route and fails to verify that the requested profile belongs to the authenticated user. This allows an attacker to view or modify any user's profile data by simply changing the ID in the URL. |
|---|
| स्रोत | ⚠️ https://gist.github.com/higordiego/9b5f076d7f651e45c0f30ae14bab3b4e |
|---|
| उपयोगकर्ता | c4ttr4ck (UID 75518) |
|---|
| सबमिशन | 09/04/2026 12:17 AM (2 महीनों पहले) |
|---|
| संयम | 26/04/2026 10:49 AM (17 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 359667 [code-projects Invoice System in Laravel 1.0 Profile /profile/ पहचान अधिकार वृद्धि] |
|---|
| अंक | 16 |
|---|