Back to directory
WRITEUP #1623

An IDOR vulnerability often hides many others

IDORGraphQL
by@blank_cold(Allam Rachid)
Bounty
500
Program
-
Published
Feb 1, 2023
Added to HackDex
Feb 7, 2023
Read Full Writeuphttps://infosecwriteups.com/an-idor-vulnerability-often-hides-many-others-2893ddd0a0d7
RELATED WRITEUPS
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
APIGraphQL
Zomatoooo! IDOR in Saved Payments
IDOR
Authorization bypass due to cache misconfiguration
APIAuthorization bypass
How I got my first $13500 bounty through Parameter Polluting (HPP)
IDORXSS
A Creative Way To Get Someones YouTube Videos Deleted + A Copyright Strike Against Their YouTube Channel
IDORBroken Access Control

Built with ❤️ by Shubham Rawat