IDOR Demo — Profile Viewer
Logged in as:
User #42
🔓 Vulnerable
https://app.company.com
/api/users/
42
Try changing the user ID in the URL above! Click the IDs below or edit the URL directly in your browser's address bar.
Try user IDs:
#1
#2
#7
#42
#99
TU
You (Test User)
USER
Email
testuser@company.com
Phone
+1-555-0042
Address
789 Pine Road, Suite 4
User ID
#42
Request Log
GET /api/users/42
Authorization: Bearer token_user_42
← 200 OK
Content-Type: application/json
⚠ No authorization check performed