all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Beyond RAM and ROM: IDOR Leads to Unauthenticated File Upload Vulnerability in Indian Government…

Add to bookmarks
March 25, 2024, 12:59 p.m. | Vedavyasan S (@ved4vyasan)

System Weakness - Medium systemweakness.com

Beyond RAM and ROM: IDOR Leads to Unauthenticated File Upload Vulnerability in Indian Government Site

Insecure direct object references to file upload

Hi friends, I’m Vedavyasan S👽, a full-time bug hunter and a cybersecurity enthusiast. In this short time, I’ve secured Apple, Microsoft, Nokia, BBC, UN, IIT, and some government websites of India. 🕵️‍♂️💻

Let’s get to the story. I live in a small village in Kerala. One day, my friends teased me for not knowing the full forms …

bug bounty bug-bounty-tips bugs cybersecurity hacking

Visit resource

More from systemweakness.com / System Weakness - Medium

The Future of Programming: A Look at Emerging Languages Shaping Software Development 2 days, 6 hours ago | systemweakness.com
address article changing development +14
Cyber Detectives Unite: Advanced Tools for Web Security 2 days, 6 hours ago | systemweakness.com
bug bounty computer science cybersecurity ethical hacking +1
Mittre Att&ck‘s User Manual 3 days, 3 hours ago | systemweakness.com
adversary amp att attacks +22
Unveiling the Hidden: A Guide to Passive Subdomain Enumeration 3 days, 3 hours ago | systemweakness.com
bug bounty hacking security technology +1
Limit Requests to EC2 Instances to Cloudflare Only IPs 3 days, 3 hours ago | systemweakness.com
aws aws lambda cloudflare security +1
Canary Codes for Curious Minds 3 days, 3 hours ago | systemweakness.com
canary tokens hacking ip address location +1
Zero Trust Network Access 4 days ago | systemweakness.com
least privilege microsegmentation network security virtual private network +1
Ransomware-as-a-Service: Democratizing Digital Destruction and How to Fortify Your Defenses 4 days ago | systemweakness.com
as-a-service attacks businesses critical +24
Detecting Mobile Threats: Indicators of Compromise 4 days ago | systemweakness.com
business compromise continue cybersecurity +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Lead Technical Product Manager - Threat Protection

@ Mastercard | Remote - United Kingdom
View on infosec-jobs.com

Data Privacy Officer

@ Banco Popular | San Juan, PR
View on infosec-jobs.com

GRC Security Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Warrington, United Kingdom
View on infosec-jobs.com

Privacy Engineer, Technical Audit

@ Meta | Menlo Park, CA
View on infosec-jobs.com
View more jobs