Web mass assignment vulnerability is a type of security vulnerability where attackers can modify the model attributes of an application through the parameters sent to the server. Reversing the code, attackers can see these parameters and by assigning values to critical unprotected parameters during the HTTP request, they can edit the data of a database and change the intended functionality of an application.
Service misconfigurations
Once we gather the service banner, the next stop should be to identify possible default credentials. If there is no default credentials, we can try weak username and password combination wordlist.