Referenced link: https://0day.today/exploit/description/38181
Originally posted by 0day Exploit Database / @inj3ct0r@twitter.com: https://twitter.com/inj3ct0r/status/1621891996943093761#m
#0day #WordPress #QuickRestaurant 2.0.2 #XSS / #CSRF / #IDOR / Missing Authorization #Vulnerabilities https://0day.today/exploit/description/38181
#0day #wordpress #QuickRestaurant #XSS #CSRF #IDOR #vulnerabilities
Top 25 IDOR bug bounty reports
https://corneacristian.medium.com/top-25-idor-bug-bounty-reports-ba8cd59ad331
#bugbounty #infosecurity #IDOR #infosec #webappsec
I wondered due to recently remembering when I was able to pull the PDFs off teacher's section. On the textbook manufacturer's just from fking around the URL.
This is a while ago, but I did mention to the professor but he did the idk what you talking about. (2+ years ago)
So I did email the contact email for the manufacturer. They asked for student ID, school code and classroom name. I told them in response: you can get the school name and that's it. But the following response was how I need to disciplinary actions against me for attempting to cheat. Thus they need the student ID. I ain't gonna get expelled for absolute dumb shit. So I didn't give it and cut off all communications.
In cases like this it's now like a double-sided thing. I want to report an issue so someone could fix it. But if I'm going to be punished too, why report the issue at all?
#teaching #security #IDOR #url #exploit
Web Application Security - I have just completed this room! Check it out: https://tryhackme.com/room/introwebapplicationsecurity #tryhackme #security #web application #IDOR #Identification and Authentication Failure #Broken Access Control #Cryptographic Failures #introwebapplicationsecurity via @realtryhackme
#introwebapplicationsecurity #cryptographic #broken #identification #IDOR #web #security #tryhackme
Day 14 of the #TryHackMe #AdventOfCyber2022 covered a basic web application security assessment.
Specifically it tasks you with looking for a couple of insecure direct object references (#IDOR).
It was pretty simple and not that challenging, though it did get the point across.
Day 15 doesn't appear to be released yet.
#tryhackme #adventofcyber2022 #IDOR #infosec
Day 14 of Advent of Cyber done, was super easy. It's a good break from the last 2 #tryhackme #offsec #infosec #student #cybersecurity #AdventOfCode2022 #IDOR
#tryhackme #offsec #infosec #student #cybersecurity #AdventOfCode2022 #IDOR
#Webapplications was the theme of day 14 of #AdventOfCyber2022 where I learned a new vulnerability. I know most of the typical vulnerabilities, but have never heard of #IDOR (Insecure Direct Object References). But from what I've read, that's been replaced with Broken Access Control.
#webapplications #adventofcyber2022 #IDOR #tryhackme
Web Application Security - I have just completed this room! Check it out: https://tryhackme.com/room/introwebapplicationsecurity #tryhackme #security #web application #IDOR #Identification and Authentication Failure #Broken Access Control #Cryptographic Failures #introwebapplicationsecurity via @RealTryHackMe
#tryhackme #security #web #IDOR #identification #broken #cryptographic #introwebapplicationsecurity
“#Security researcher Kamran #Mohsin discovered a flaw in the #Florida Department of Revenue system, which exposed over 700,000 customers, including their Social #Security numbers, physical addresses, and bank account details, among other sensitive #data.”
#securityleak #IDOR #vulnerability #bug #cybernews #tax #exploit #business
https://cybernews.com/news/taxpayer-social-security-numbers-exposed/?mibextid=Zxz2cZ
#security #mohsin #florida #data #securityleak #IDOR #vulnerability #bug #cybernews #tax #exploit #business
"Hacking on a plane: Leaking data of millions of users of in-flight #WiFi and taking over any account" - a blog post by @rez0__@twitter.com :
https://rez0.blog/hacking/2022/12/02/hacking-on-a-plane.html
#wifi #airplanewifi #appsec #IDOR
RT @myESR: Happy International Day of Radiology! 🥳
Join us on this special day by sharing your IDOR celebrations using the hashtag #IDOR22 or by sending your pictures to IDoR@myesr.org
More information on IDOR's website
https://ow.ly/2OVq50L9XWl
https://nitter.eu/EMA_News/status/1589921531999948801
Continuing our annual tradition of honouring Röntgen on November 8. #IDOR #IDOR2022 #radiology
International Day of Radiology, November 8, 2022.
#IDOR #IDOR2022 #radiology