ch0ic3/AllAboutBugBounty
1
0
Fork 0
mirror of https://github.com/daffainfo/AllAboutBugBounty.git synced 2025-02-01 07:37:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

IDOR [4]

Browse Source 
Add 1 IDOR tips
This commit is contained in:
Muhammad Daffa 2020-09-09 22:01:15 +07:00 committed by GitHub
parent a75e7eaf9a
commit ddf80dbdd7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
IDOR.md
View File

@ -100,4 +100,13 @@ GET /graphql.php?query=
[...] [...]
``` ```
10. MFLAC (Missing Function Level Access Control)
```
GET /admin/profile
```
Try this to bypass
```
GET /ADMIN/profile
```
Source: [@swaysThinking](https://twitter.com/swaysThinking) and other medium writeup! Source: [@swaysThinking](https://twitter.com/swaysThinking) and other medium writeup!