Sunday, November 15, 2015

Bugbounty - Password returned in the response in cleartext

Another interesting bug, that I found in www.tagged.com. As you know www.tagged.com & www.hi5.com are pretty famous and old social media. Design and functionality of these two domains are pretty similar.

BugBounty-Unexpected application behaviour causing self DoS attack

Hi Guys,
From now onwards I am starting real world bug hunting case studies of mine. This is the first draft of it. I was performing blackbox testing of this website.