can1337inInfoSec Write-upsMRS #2: Bypassing premium features by checking “premium validation” parameters (€€€)Hi, this write-up series was created to share the original reports of some vulnerabilities I found, with the necessary corrections made…Mar 14Mar 14
can1337inInfoSec Write-upsMy Report Summaries #1: Project manager can see & download all users’ login history at redacted app…Hi, this write-up series was created to share the original reports of some vulnerabilities I found, with the necessary corrections made…Mar 41Mar 41
can1337inInfoSec Write-upsDisclosure email address of any Wordpress user via redacted-serviceHello fellas, in this write-up, I’m gonna talk about disclosing email address of any WordPress user by using an another service within…Oct 11, 2023Oct 11, 2023
can1337inInfoSec Write-upsBypassing email verification of high-profile tech company ($$$)Hi guys, after almost a year, I thought I should create a new write-up. Today, I’m gonna show you the email verification bypass…Jul 29, 20236Jul 29, 20236
can1337inInfoSec Write-upsBypass Apple’s redirection process with the dot (“.”) characterHi guys, I have been gone for a while but now I’m back and here is a new write-up post. Today, I’m gonna show you the Open Redirection…Dec 24, 20221Dec 24, 20221
can1337inInfoSec Write-upsBreak the Logic: 5 Different Perspectives in Single Page (€1500)Hello everyone. Today I’m going to talk about five different vulnerabilities that I found on a single page. Three of these vulnerabilities…Aug 26, 20222Aug 26, 20222
can1337inInfoSec Write-upsBreak the Logic: Insecure Parameters (€300)Hello everyone. Today, I’m going to talk about two minor vulnerabilities based on insecure parameters that I discovered in the same…Aug 24, 20223Aug 24, 20223
can1337inInfoSec Write-upsMultiple bugs in one program leads to €1500Hi, today I‘m going to talk about three basic vulnerabilities that I discovered in the same program and were rewarded with 1500€.Aug 2, 20222Aug 2, 20222
can1337inInfoSec Write-upsI mean, IDOR is NOT only about others IDHi folks! In this write-up, I’m going to talk about the vulnerability I found to broaden your perspective on IDORs.Jul 22, 20222Jul 22, 20222
can1337inInfoSec Write-upsHow Did I Leak 5.2k Customer Data From a Large Company? (via Broken Access Control)Hello everyone!Mar 11, 20221Mar 11, 20221
