S. M. Zia Ur Rashid

1 exploit Active since Sep 2018
CVE-2018-16606 EXPLOITDB MEDIUM text WRITEUP
ProConf < 6.1 - Unauthenticated Insecure Direct Object Reference via Paper ID Parameter
In ProConf before 6.1, an Insecure Direct Object Reference (IDOR) allows any author to view and grab all submitted papers (Title and Abstract) and their authors' personal information (Name, Email, Organization, and Position) by changing the value of Paper ID (the pid parameter).
CVSS 6.5