Razer: Improper access control on easytopup.in.th transaction page leads to user's information disclosure and may lead to account hijacking

The tester discovered a Razer Gold Thailand server was vulnerable to information disclosure due to the use of a predicable reference ID in application URLs which could lead to the ability obtain phone numbers. Razer thanks the tester for his clear report...