Added uuid bypass

This commit is contained in:
Muhammad Daffa 2021-02-09 20:58:04 +07:00 committed by GitHub
parent 614ff9f093
commit be9be3326c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -105,5 +105,14 @@ Try this to bypass
GET /ADMIN/profile
```
11. Try to swap uuid with number
```
GET /file?id=90ri2-xozifke-29ikedaw0d
```
Try this to bypass
```
GET /file?id=302
```
Reference:
- [@swaysThinking](https://twitter.com/swaysThinking) and other medium writeup