cyberhub.es
  • Home
  • Solved CTFs
    • PicoCTF
      • PicoCTF 2025 writeup
      • PicoCTF 2024 writeup
  • PortSwigger Lab Writeups

Category: Access control

Referer-based access control

Multi-step process with no access control on one step

Method-based access control can be circumvented

URL-based access control can be circumvented

Insecure direct object references

User ID controlled by request parameter with password disclosure

User ID controlled by request parameter with data leakage in redirect

User ID controlled by request parameter, with unpredictable user IDs

User ID controlled by request parameter

User role can be modified in user profile


All rights reserved