WRITEUP #1291

From Django Debug Mode to PII Data Leak of more than 500+ Employees due Broken Access Control and IDOR

IDORDebug mode enabledInformation disclosureJWTBroken Access ControlExposed registration page

Program

Published

Apr 14, 2023

Added to HackDex

May 8, 2023

Read Full Writeuphttps://medium.com/@ar_hawk/from-django-debug-mode-to-pii-data-leak-of-more-than-500-employees-due-broken-access-control-and-a3eb602a4207

▸ RELATED WRITEUPS

A Creative Way To Get Someones YouTube Videos Deleted + A Copyright Strike Against Their YouTube Channel

IDORBroken Access Control

Zomatoooo! IDOR in Saved Payments

IDOR

P3 (Medium) : How I Gain Access To NASA's Internal Workspace?!

ReconInformation disclosure

$15k RCE Through Monitoring Debug Mode

RCELFI

How I Got Bugs From Google Dorks

ReconInformation disclosure

Built with ❤️ by Shubham Rawat