
IDOR

IDOR (Insecure Direct Object Reference) is caused by missing or incomplete authorisation checks: the application exposes a reference to an internal object (an ID, a file name) and never verifies that the requesting user is allowed to access that object.

For example, if a transaction number is placed directly in the transaction URL and the server does not check who owns that transaction, a user can change the number to view another user's transaction information. A simple example is provided below:

https://example.com/transaction?id=1234

IDOR Vulnerability Examples

If a URL parameter is used to identify the user in a password change form, attackers can change this ID to reset the password of other accounts.

https://example.com/change_password.php?userid=1701
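The two URLs above (the transaction lookup and the password-change form) share one root cause: the handler trusts an identifier from the request instead of checking it against the authenticated session. The following is an added example, not code from the original page; it models both endpoints in plain Python with constructed in-memory data, showing the vulnerable handler beside a fixed one. The `TRANSACTIONS`, `PASSWORDS` and user names are assumptions made up for the example.

```python
from dataclasses import dataclass
from typing import Dict

# Constructed sample data (not from the page): two users, two transactions.
@dataclass(frozen=True)
class Transaction:
    id: int
    owner: str
    amount: int

TRANSACTIONS: Dict[int, Transaction] = {
    1234: Transaction(id=1234, owner="alice", amount=50),
    1235: Transaction(id=1235, owner="bob", amount=75),
}

class Forbidden(Exception):
    """Raised when the session user may not access the requested object."""

def get_transaction_vulnerable(session_user: str, requested_id: int) -> Transaction:
    # Only checks that the record exists. The session user is never compared
    # with the record's owner, so changing ?id= in the URL returns any record.
    return TRANSACTIONS[requested_id]

def can_access(session_user: str, requested_id: int) -> bool:
    # Server-side ownership check: the object must exist AND belong to the
    # authenticated user. Both failures look the same to the caller so the
    # response does not reveal which IDs exist.
    tx = TRANSACTIONS.get(requested_id)
    return tx is not None and tx.owner == session_user

def get_transaction_fixed(session_user: str, requested_id: int) -> Transaction:
    if not can_access(session_user, requested_id):
        raise Forbidden(f"transaction {requested_id} not accessible")
    return TRANSACTIONS[requested_id]

# Password-change variant. The store is passed in so each call is independent.
def change_password_vulnerable(store: Dict[str, str], session_user: str,
                               userid_param: str, new_password: str) -> str:
    # Trusts the userid parameter from the URL: any account can be reset.
    store[userid_param] = new_password
    return userid_param

def change_password_fixed(store: Dict[str, str], session_user: str,
                          userid_param: str, new_password: str) -> str:
    # The URL parameter is ignored entirely; the account to change is taken
    # from the authenticated session, so there is no reference to tamper with.
    store[session_user] = new_password
    return session_user

if __name__ == "__main__":
    # alice requests bob's transaction: vulnerable handler leaks it, fixed one refuses.
    print(get_transaction_vulnerable("alice", 1235))
    print(can_access("alice", 1235))
    store = {"alice": "old-a", "bob": "old-b"}
    print(change_password_vulnerable(store, "alice", "bob", "pwned"), store)
    store = {"alice": "old-a", "bob": "old-b"}
    print(change_password_fixed(store, "alice", "bob", "new-a"), store)
```

The fixed password handler removes the reference rather than validating it: when the object is always "the current user", taking it from the session is simpler and safer than checking a user-supplied ID.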

File Access

URLs containing file names or directory structures can often lead to unauthorized access to filesystem resources.

https://example.com/display_file.php?file.txt

Sometimes this can lead to directory traversal, where `..` segments in the supplied name escape the intended directory:

https://example.com/display_file.php?../../../etc/passwd
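For the file-access case, the defence is to resolve the user-supplied name against a fixed base directory and confirm the result is still inside it, or better, to avoid exposing file names at all and look files up by an opaque key. The block below is an added example, not code from the original page; the base directory `/srv/app/files` and the `FILE_INDEX` mapping are assumptions. It uses `posixpath` so the check runs identically on any platform without touching the real filesystem.

```python
import posixpath
from typing import Optional

# Assumed document root for display_file.php (constructed for this example).
BASE_DIR = "/srv/app/files"

def resolve_safe(user_path: str, base_dir: str = BASE_DIR) -> Optional[str]:
    """Return the absolute path for user_path if it stays inside base_dir, else None."""
    # Reject NUL bytes (truncate paths in C-based file APIs) and absolute paths.
    if "\x00" in user_path or posixpath.isabs(user_path):
        return None
    # Normalise "../" and "./" segments, then verify containment. Note that
    # normpath is purely lexical: on a real filesystem use os.path.realpath so
    # symlinks inside base_dir cannot point back outside it.
    candidate = posixpath.normpath(posixpath.join(base_dir, user_path))
    if candidate == base_dir:
        return None  # the directory itself, not a file
    if posixpath.commonpath([base_dir, candidate]) != base_dir:
        return None  # escaped the base directory
    return candidate

# Stronger alternative: indirect references. The client only ever sees an
# opaque key; the server maps it to a file name it chose itself.
FILE_INDEX = {
    "report-2024": "report_2024.txt",
    "terms": "terms.txt",
}

def resolve_by_key(key: str, base_dir: str = BASE_DIR) -> Optional[str]:
    name = FILE_INDEX.get(key)
    if name is None:
        return None
    return posixpath.join(base_dir, name)

if __name__ == "__main__":
    for p in ["file.txt", "sub/../file.txt", "../../../etc/passwd", "/etc/passwd", ".."]:
        print(f"{p!r:28} -> {resolve_safe(p)}")
    print(resolve_by_key("report-2024"), resolve_by_key("../etc/passwd"))
```

Decoding (URL percent-encoding, double encoding) must happen before this check, and the check should run on the final decoded string; validating an encoded form and then decoding it afterwards reintroduces the traversal.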