all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

How I identified and reported vulnerabilities in Oracle and the rewards of responsible…

Add to bookmarks
Feb. 28, 2023, 7:42 p.m. | ParagBagul

System Weakness - Medium systemweakness.com

How I identified and reported vulnerabilities in Oracle and the rewards of responsible disclosure:From Backup Leak to Hall of Fame

Hello folks I hope you are doing well. I’m a Parag Bagul security Researcher and bug bounty hunter.

This article is based on a 2022 finding in which I discovered the Backup file leak vulnerability on Oracle website which leads to sensitive information disclosure.

THE FINDING:

While i was exploring this website i found some subdomains

  1. subdomain enumeration:

subfinder -d …

article backup bounty bug bug bounty bug-bounty-tips bug-fixes cybersecurity disclosure doing hope hunter information information disclosure leak oracle researcher responsible responsible disclosure rewards security security researcher sensitive information vulnerabilities vulnerability website

Visit resource

More from systemweakness.com / System Weakness - Medium

Level Up Your Security Expertise: The Ultimate Guide to Installing Kali Linux on Mac. 1 day ago | systemweakness.com
apple cybersecurity kali linux mac +1
Top 5 SAST Vulnerabilities and How to Fix Them 1 day, 2 hours ago | systemweakness.com
alert application application security application security testing +23
Unveiling the World of Spam Emails: A Comprehensive Exploration 1 day, 17 hours ago | systemweakness.com
cloud computing continue critical cybersecurity +18
HTB — Monteverde 1 day, 17 hours ago | systemweakness.com
hackthebox htb htb-writeup oscp +1
Spring Boot Integration Shiro Quick Start Demo 1 day, 17 hours ago | systemweakness.com
backend java shiro spring-boot
A Deep Dive into Network Security Threats 1 day, 17 hours ago | systemweakness.com
advancements challenges connected deep dive +23
Defensive Security: Installing PHPIDS on LAMP Servers 1 day, 17 hours ago | systemweakness.com
cybersecurity defense hacking linux +1
TryHackMe Network Services Writeup 1 day, 17 hours ago | systemweakness.com
ctf cybersecurity tryhackme tryhackme-walkthrough +1
Strengthening Your Digital Fortress: A Comprehensive Guide to Password Security 1 day, 17 hours ago | systemweakness.com
aspect cloud computing continue cybersecurity +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Senior - Penetration Tester

@ Deloitte | Madrid, España
View on infosec-jobs.com

Associate Cyber Incident Responder

@ Highmark Health | PA, Working at Home - Pennsylvania
View on infosec-jobs.com

Senior Insider Threat Analyst

@ IT Concepts Inc. | Woodlawn, Maryland, United States
View on infosec-jobs.com