Back to directory

WRITEUP #1412

The Time I Hacked Google’s Manual Actions Database

OtherBroken Access ControlBroken authorization

by@TomAnthonySEO(Tom Anthony)

Bounty

5,000

Program

Google

Published

Mar 13, 2023

Added to HackDex

Mar 15, 2023

Read Full Writeuphttps://www.tomanthony.co.uk/blog/googles-manual-actions-hack/

▸ RELATED WRITEUPS

Leaking All Users Google Drive Files

OtherBroken Access Control

Hacking Moodle Apps Via External Functions

OtherBroken Access Control

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

CVE-2024-45195: Apache OFBiz Unauthenticated Remote Code Execution (Fixed)

RCEForced browsing

Built with ❤️ by Shubham Rawat