CVEs-PoC/2018/CVE-2018-16606.md at dc3bd6cd71a486f862e7cf4da52fce4cfeb10e52

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-08 14:24:48 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

In ProConf before 6.1, an Insecure Direct Object Reference (IDOR) allows any author to view and grab all submitted papers (Title and Abstract) and their authors' personal information (Name, Email, Organization, and Position) by changing the value of Paper ID (the pid parameter).

POC

Reference

https://packetstormsecurity.com/files/149259/IDOR-On-ProConf-Peer-Review-And-Conference-Management-6.0-File-Disclosure.html

Github

https://github.com/ARPSyndicate/cvemon

831 B Raw Blame History

CVE-2018-16606

Description

POC

Reference

Github

831 B

Raw Blame History