1. Executive Summary Vulnerability: IDOR with Data Leakage in Redirect. Description: The application detects an authorization failure (e.g., User A trying to access User B’s data) and issues a 30...
1. Executive Summary Vulnerability: Insecure Direct Object Reference (IDOR) with GUIDs. Description: The application uses long, complex GUIDs (e.g., 59b3...) to identify users instead of sequentia...
1. Executive Summary Vulnerability: Insecure Direct Object Reference (IDOR). Description: The application exposes a direct reference to an internal database object (the User ID) in the URL. When ...
1. Executive Summary Vulnerability: Method-Based Access Control Bypass. Description: The application implements access controls that are tightly coupled to specific HTTP methods (e.g., checking p...
1. Executive Summary Vulnerability: URL-based Access Control Bypass (HTTP Header Spoofing). Description: The application framework supports non-standard HTTP headers (specifically X-Original-URL)...
1. Executive Summary Vulnerability: Mass Assignment (also known as Over-Posting). Description: The application framework automatically binds (maps) incoming JSON data to internal object fields. Be...
1. Executive Summary Vulnerability: Broken Access Control (Parameter Tampering). Description: The application determines the user’s privilege level based on a cleartext HTTP cookie (Admin=false). ...
1. Executive Summary Vulnerability: Unprotected Admin Functionality (Security by Obscurity). Description: The application attempts to secure the admin panel by using a long, random, unpredictable ...
1. Executive Summary Vulnerability: Unprotected Admin Functionality (Broken Access Control). Description: The application relies on “Security by Obscurity” by hiding the administration panel’s URL...
Introduction In this machine, I discovered an HTTP service running on port 80 and performed enumeration using Gobuster and manual inspection. This revealed a Monstra 3.0.4 CMS instance, which I acc...