WRITEUP #4228

Stealing User’s PII info by visiting API endpoint directly

ReconInformation disclosureLogic flaw

by@kunalp94(Kunal pandey)

Bounty

500

Program

Published

Nov 16, 2020

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://web.archive.org/web/20201116060315/https://medium.com/@kunal94/stealing-users-pii-info-by-visiting-api-endpoint-directly-5062e0147f67

▸ RELATED WRITEUPS

P3 (Medium) : How I Gain Access To NASA's Internal Workspace?!

ReconInformation disclosure

How I Got Bugs From Google Dorks

ReconInformation disclosure

How I can easily get four P1 at NASA using Simple Google Dorking.

ReconInformation disclosure

How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System

ReconMissing authentication

$1600 Bounty on a Main Domain

ReconSession fixation

Built with ❤️ by Shubham Rawat