2 matches found
CVE-2021-35337
Sourcecodester Phone Shop Sales Managements System 1.0 is vulnerable to Insecure Direct Object Reference IDOR. Any attacker will be able to see the invoices of different users by changing the id parameter...
CVE-2021-35337
SourceCodester Phone Shop Sales Management System 1.0 is vulnerable to Insecure Direct Object Reference (IDOR). The root cause is improper access control that lets an attacker change the id parameter to view invoices of other users. Reported across multiple sources (NVD entry CVE-2021-35337; CNVD...