Back to directory
WRITEUP #6127

#BugBounty — How I was able to read chat of users in an Online travel portal

IDOR
by@logicbomb_1(Avinash Jain)
Program
-
Published
Jan 10, 2018
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/bugbountywriteup/bugbounty-how-i-was-able-to-read-chat-of-users-in-an-online-travel-portal-c55a1787f999
RELATED WRITEUPS
Zomatoooo! IDOR in Saved Payments
IDOR
How I got my first $13500 bounty through Parameter Polluting (HPP)
IDORXSS
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
APIGraphQL
A Creative Way To Get Someones YouTube Videos Deleted + A Copyright Strike Against Their YouTube Channel
IDORBroken Access Control
Bypassing ACLs – IDOR exploitation via HPP
IDORHTTP parameter pollution

Built with ❤️ by Shubham Rawat