Article contents
Preface
1. Lab: Unprotected admin functionality
2. Lab: Unprotected admin functionality with unpredictable URL
3. Lab: User role controlled by request parameter
4. Lab: User role can be modified in user profile
5. Lab: User ID controlled by…
Contents
BOLA Vulnerabilities
Challenge 1 - Access details of another user’s vehicle
Challenge 2 - Access mechanic reports of other users
Broken User Authentication
Challenge 3 - Reset the password of a different user
Excessive Data Exposure
Challenge …