| tiêu đề | Script And Tools Real-Estate-Management-System 1.0 Insecure Direct Object Reference (IDOR) |
|---|
| Mô tả | #Title of the Vulnerability:
Script and Tools | Real Estate Management System V 1.0 | userdelete.php | IDOR
#Vulnerability Class: Insecure Direct Object Reference (IDOR)
#Product Name: Real Estate Management System
#Version: 1.0
#Vendor: https://github.com/scriptandtools/
#Vulnerable Product Link: https://github.com/scriptandtools/Real-Estate-website-in-PHP
#Technical Details & Description: The application source code is coded in a way which allows : Insecure Direct Object Reference.
#Product & Service Introduction:
Real Estate Management System (Version-1.0)
#Vulnerable File Is:
userdelete.php
#Reproduction:
(1) Choose which user account you want to delete and get his ID
(2) Set his user id here: http://vuln-site/reali/admin/userdelete.php?id=ID
(3) Hit this url and his account will be deleted! |
|---|
| Nguồn | ⚠️ https://www.websecurityinsights.my.id/2025/06/script-and-tools-real-estate-management.html?m=1 |
|---|
| Người dùng | MaloyRoyOrko (UID 79572) |
|---|
| Đệ trình | 13/06/2025 06:28 (cách đây 10 các tháng) |
|---|
| Kiểm duyệt | 19/06/2025 12:10 (6 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 313325 [ScriptAndTools Real Estate Management System 1.0 User Delete userdelete.php ID nâng cao đặc quyền] |
|---|
| điểm | 20 |
|---|