WRITEUP #2791

Broken session control leads to access the admin panel even after revoking the access!! — #ZOHO

OtherBroken Access Control

byNaveenroy

Program

Zoho

Published

Apr 12, 2022

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://naveenroy008.medium.com/broken-session-control-leads-to-access-the-admin-panel-even-after-revoking-the-access-zoho-db219b19d2dd

▸ RELATED WRITEUPS

Leaking All Users Google Drive Files

OtherBroken Access Control

Hacking Moodle Apps Via External Functions

OtherBroken Access Control

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

OtherSSTI

Built with ❤️ by Shubham Rawat