all InfoSec news
How I identified and reported vulnerabilities in Oracle and the rewards of responsible…
System Weakness - Medium systemweakness.com
How I identified and reported vulnerabilities in Oracle and the rewards of responsible disclosure:From Backup Leak to Hall of Fame
Hello folks I hope you are doing well. I’m a Parag Bagul security Researcher and bug bounty hunter.
This article is based on a 2022 finding in which I discovered the Backup file leak vulnerability on Oracle website which leads to sensitive information disclosure.
THE FINDING:
While i was exploring this website i found some subdomains
- subdomain enumeration:
subfinder -d …
article backup bounty bug bug bounty bug-bounty-tips bug-fixes cybersecurity disclosure doing hope hunter information information disclosure leak oracle researcher responsible responsible disclosure rewards security security researcher sensitive information vulnerabilities vulnerability website