IDOR in activateFuelCard id allows bulk lookup of driver uuids
Low
Uber
Team Summary
Official summary from Uber
Due to an IDOR in the `activateFuelCard` endpoint, an attacker could enumerate driver UUIDs. When given a sequential card ID number, the endpoint returned a driver’s UUID, allowing an attacker to gather many driver UUIDs for use in a different attack. Thanks, @cablej!
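The failure pattern described above, as an added example that is not Uber's code: a card-activation handler that looks a card up by its sequential ID alone and echoes the owner's UUID, beside a version that ties the lookup to the authenticated caller. The `FuelCard` store, the handler names and the sample UUIDs are constructed for illustration.

```python
# Added example (not Uber's code): an IDOR in a card-activation
# handler and the ownership check that closes it. All names and
# data below are constructed for illustration.
from dataclasses import dataclass


class Forbidden(Exception):
    """Raised when the caller may not act on the requested card."""


@dataclass
class FuelCard:
    card_id: int
    driver_uuid: str
    active: bool = False


# Constructed sample data: sequential card IDs mapped to their drivers.
CARDS = {
    1001: FuelCard(1001, "6f1c2b2e-driver-a"),
    1002: FuelCard(1002, "9a7d4e10-driver-b"),
}


def activate_fuel_card_vulnerable(caller_uuid: str, card_id: int) -> dict:
    """Vulnerable: looks the card up by ID only and returns its owner's UUID.

    caller_uuid is never compared with the card's owner, so any
    authenticated caller can step card_id and collect driver UUIDs.
    """
    card = CARDS[card_id]
    card.active = True
    return {"card_id": card.card_id, "driver_uuid": card.driver_uuid}


def activate_fuel_card_fixed(caller_uuid: str, card_id: int) -> dict:
    """Fixed: the card must belong to the authenticated driver.

    A missing card and a card owned by someone else get the same
    response, so the endpoint no longer confirms which IDs exist.
    """
    card = CARDS.get(card_id)
    if card is None or card.driver_uuid != caller_uuid:
        raise Forbidden("card not found or not owned by caller")
    card.active = True
    # No foreign identifier is echoed; the caller already knows its own UUID.
    return {"card_id": card.card_id, "active": True}
```

A detection-side check for the same weakness is a spike in requests from one account across many distinct `card_id` values, which the fixed handler turns into a run of refusals rather than a run of UUIDs.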
Reported by
cablej
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Weakness
Insecure Direct Object Reference (IDOR)