Back to directory

WRITEUP #5758

[Bug bounty | mail.ru] Access to the admin panel of the partner site and data disclosure of 2 million users

Auth BypassAuthentication bypassBlind XSS

by@iSecMax(Max)

Program

Mail.ru

Published

Oct 12, 2018

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://medium.com/bugbountywriteup/bug-bounty-mail-ru-234fa6f5a5a

▸ RELATED WRITEUPS

Breaking the Barrier: Admin Panel Takeover Worth $3500

Auth BypassAuthentication bypass

SAML Authentication Bypass Leading to Admin Panel Access

Auth BypassSAML

Breaking Down Barriers: Exploiting Authenticated IPC Clients

Auth BypassIPC client

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

Interesting Story of an Account Takeover Vulnerability

Auth BypassAccount takeover

Built with ❤️ by Shubham Rawat