WRITEUP #6110

[Yahoo Bug Bounty] Unauthorized Access to Unisphere Management Server Debugging Facility on https://bf1-uaddbcx-002.data.bf1.yahoo.com/Debug/

OtherBroken authorization

byPeerzada Fawaz Ahmad Qureshi

Bounty

300

Program

Yahoo! / Verizon Media

Published

Jan 25, 2018

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://web.archive.org/web/20191218054030/https://medium.com/@zk34911/yahoo-bug-bounty-unauthorized-access-to-unisphere-management-server-debugging-facility-on-448aeb6d0c94

▸ RELATED WRITEUPS

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

CVE-2024-45195: Apache OFBiz Unauthenticated Remote Code Execution (Fixed)

RCEForced browsing

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

OtherSSTI

Ghost In The Ppl Part 1: Byovdll

OtherUse-After-Free

Built with ❤️ by Shubham Rawat