Back to directory
WRITEUP #1380

Credit card statement disclosure vulnerability in Viseca's eXpense portal

IDOR
by@pentagridsec(Pentagrid)
Program
Viseca
Published
Mar 20, 2023
Added to HackDex
Mar 23, 2023
Read Full Writeuphttps://www.pentagrid.ch/de/blog/viseca-expense-credit-card-statement-disclosure/
RELATED WRITEUPS
Zomatoooo! IDOR in Saved Payments
IDOR
How I got my first $13500 bounty through Parameter Polluting (HPP)
IDORXSS
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
APIGraphQL
A Creative Way To Get Someones YouTube Videos Deleted + A Copyright Strike Against Their YouTube Channel
IDORBroken Access Control
Bypassing ACLs – IDOR exploitation via HPP
IDORHTTP parameter pollution

Built with ❤️ by Shubham Rawat