Some sites use insecure access controls based on request parameters. For example, a site might use a role_id parameter to denote whether the user should be treated as having admin privileges in the ...