ZKTime Web Software version 2.0 suffers from an insecure direct object reference vulnerability. Continue reading...