Back to directory
WRITEUP #4284

Perform substring search for emails even if Workplace admin hides email profile field.

OtherBroken Access ControlBroken authorization
by@RahulKankrale(Rahul Kankrale)
Bounty
1,000
Program
Meta / Facebook
Published
Oct 25, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://servicenger.com/blog/mobile/perform-substring-search-for-emails-even-if-workplace-admin-hides-email-profile-field/
RELATED WRITEUPS
Leaking All Users Google Drive Files
OtherBroken Access Control
Hacking Moodle Apps Via External Functions
OtherBroken Access Control
Data Theft in Salesforce: Manipulating Public Links
OtherSOQL injection
When Certificates Fail: A Story of Bypassed MFA in Remote Access
Other2FA / MFA bypass
CVE-2024-45195: Apache OFBiz Unauthenticated Remote Code Execution (Fixed)
RCEForced browsing

Built with ❤️ by Shubham Rawat