Normally in summer, people chose to go in holiday in their free time, but for my part I was focused in security research, it has now become my playground. I also decided to specialize in web security…

InfoSecWriteUps' platform is  dedicated to providing insights and resources for cybersecurity professionals and enthusiasts. Through articles, tutorials, and security research, InfoSecWriteUps offers insights into cybersecurity vulnerabilities, attack techniques, and defense strategies. Readers can learn about penetration testing, threat intelligence, and incident response to enhance their cybersecurity knowledge and skills.

InfoSec Write-ups

A security researcher explains the technical details of finding IDOR vulnerabilities in a bug bounty program. The researcher discovered two IDOR flaws, one allowing deletion of the CMS of all customers and another allowing deletion of all users' personal data. The vulnerabilities were categorized as P3 and P1 respectively.

IDOR “Insecure direct object references”, my first P1 in Bugbounty

IDOR “ Insecure direct object references” , my first P1 in Bugbounty

So the bugbounty plateform accepted the vulnerability as P3

The bugbounty plateform accepted the vulnerability as P1 this time