Writeups and Walkthroughs

Home GitHub Portfolio Twitter/X Medium Cont@ct

Home GitHub Portfolio Twitter/X Medium Cont@ct

✍️Writeups and Walkthroughs
THM
HackTheBox
Vulnhub
- Brainpain (BoF)
DockerLabs
DVWA
Mutillidae II
Secure Bank
PortSwigger - Web Security Academy
HomeMade Labs

Powered by GitBook

On this page

Mutillidae II

IDOR & File Inclusion

Edit Another User's Profile

PreviousIDOR & File Inclusion NextExtracting User Accounts

Last updated 2 months ago

Lab 18: Insecure Direct Object References - Edit Another User's Profile

Go to user profile page:

Only changing the uid value parameter to 5 we can see the relative user:

http://127.0.0.1/index.php?page=view-account-profile.php&uid=5

https://127.0.0.1/index.php?page=view-account-profile.php&uid=1