LEFT SIDEBAR AD

Hidden in mobile, Best for skyscrapers.

500$ Idor vulnerability.

4 weeks ago 26
BOOK THIS SPACE FOR AD
ARTICLE AD

It was a shopping website , selling products , t-shirts and somethings like that , When you add a product to your shopping cart , there is a request with “product_id” parameter to fetch the product data , i think that what if there is a non released products , a private ones that they don’t want to disclsose them public now.

So i send the request to Burp intruder , put the combo list from 1–1000 , and guess what i got hits!

Timeline:

Reported October 23, 2024

Triaged and Bounty October 25, 2024

Read Entire Article
  3. 500$ Idor vulnerability.

Related

How a Simple Bug Could Have Taken Down Your Instagram Tags

How a Simple Bug Could Have Taken Down Your Instagram Tags

Why Bug Bounty Is Just for You :)

Why Bug Bounty Is Just for You :)

Disallowed but Discoverable: The Hacker’s robots.txt Playbook

Disallowed but Discoverable: The Hacker’s robots.txt Playbook

HTML INJECTION- My Second Major Bounty

HTML INJECTION- My Second Major Bounty

Building a Bug Bounty Journey: Exploring Web Security with a Custom CMS

Building a Bug Bounty Journey: Exploring Web Security with a Custom CMS

7 Main Sins Of A Hacker, What To Stay Away From During Hacking Story?

7 Main Sins Of A Hacker, What To Stay Away From During Hacking Story?

Trending

1. IPL Auction 2025 Date and Time
2. Hemant Soren
3. UP upchunav Result
4. Raj thackeray
5. Priyanka Gandhi
6. Ajit Pawar
7. Uddhav Thackeray
8. News today
9. Wayanad Election Result
10. Aditya Thackeray

Popular

Install waybackurls on Kali Linux

Install waybackurls on Kali Linux

1-click RCE in Electron Applications

1-click RCE in Electron Applications

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Install DalFox on Kali Linux

Install DalFox on Kali Linux

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Autodesk Revit 2023 R1 Build 23.0.11.19 (x64) Multilingual + Crack

Autodesk Revit 2023 R1 Build 23.0.11.19 (x64) Multilingual + Crack

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

BOOK THIS SPACE FOR AD
RIGHT SIDEBAR BOTTOM AD
Bengali (Bangladesh) Bengali (Bangladesh) · English (United States) English (United States) ·
About Us · Terms & Condition · Contact Us
© Security Alert 2024. All rights are reserved