How I was able to see any private album in Picturepush — IDOR

click on create album

--

--

--

Security Researcher | 21 years from iraq

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

OneRing Official Reimbursement Plan

Increase in cyber attacks amid COVID-19

RSA 2020: Show Time!

HTB: Granny Write-up

Your Business is Losing Money by Not Securing Against SQL Injection

SQL Injection

BurgerSwap Flash Loan Attack | Analysis

BurgerSwap Flash loan attack analysis

https://t.co/usVNWrHoGY

Key Questions About MITRE Shield

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Murtada Kamil

Murtada Kamil

Security Researcher | 21 years from iraq

More from Medium

Stored XSS and HTML Injection in United Nations Web Application

What I Learned This Week In Cyber 6/16/22

VishwaCTF-22 => “Hey Buddy!” (Web)

Security, Your Utmost Concern.