1 posts · last updated May 2026
An IDOR vulnerability I discovered in the Tüketici Hakem Heyeti (TÜBİS) system: by manipulating a single parameter, I could access the national ID number, full name, and surname of any citizen and modify their contact information.