https://videos.apprendre-delphi.fr/videos/watch/ecb5e7ba-0820-427a-8f82-4aa61e93e4e2


How I Found a CSRF Vulnerability That Could Take Over Student Accounts on an Educational Platform
This vulnerability was a Cross-Site Request Forgery (CSRF) attack, allowing malicious users to hijack student accounts on an educational platform by manipulating a sensitive account management action (changing passwords) through an unsuspecting victim's browser session. The application failed to verify that the origin of the request was the legitimate user, instead relying on session cookies for authentication without additional CSRF protection. By using a crafted payload within a link, the researcher exploited the flawed security mechanism by forcing the victim's browser to make a password change request on behalf of the attacker. The impact was significant as unauthorized individuals could gain access to sensitive student accounts. The researcher received $500 as part of the bug bounty program, and the platform responded by implementing CSRF tokens for account management actions to prevent future attacks. Key lesson: Always implement CSRF tokens to protect sensitive user actions. #BugBounty #Cybersecurity #WebSecurity #CSRF
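As an added illustration of the flaw and the fix summarised above (not code from the original post or the platform), the two handlers below show a password-change action that trusts the session cookie alone, beside one that also demands a per-session synchronizer token and checks the `Origin` header; the origin `https://school.example` and the request/session dicts are assumptions standing in for a real web framework.

```python
import hmac
import secrets

# Assumption: the platform's own origin (hypothetical name used for the example).
ALLOWED_ORIGINS = {"https://school.example"}


def issue_csrf_token(session: dict) -> str:
    """Mint a per-session synchronizer token: stored server-side, embedded in the form."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def change_password_vulnerable(request: dict, session: dict, users: dict) -> bool:
    """Trusts the session cookie alone: a cross-site form POST that the browser
    sends with the cookie attached is accepted, which is the flaw described above."""
    if "user" not in session:
        return False
    users[session["user"]] = request["form"]["new_password"]
    return True


def change_password_hardened(request: dict, session: dict, users: dict) -> bool:
    """Same action, but demands proof that the request came from our own page."""
    if "user" not in session:
        return False
    # 1. Synchronizer token must be present and match the session copy (constant-time compare).
    expected = session.get("csrf_token", "")
    supplied = request["form"].get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False
    # 2. Defence in depth: browsers attach Origin to cross-site POSTs; reject foreign ones.
    origin = request["headers"].get("Origin")
    if origin is not None and origin not in ALLOWED_ORIGINS:
        return False
    users[session["user"]] = request["form"]["new_password"]
    return True
```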
When Old Breaches Meet New Code: Why Historical Leaks Still Matter
This vulnerability demonstrates the persistence of historical breaches in current systems due to a lack of code updates or inadequate data sanitization. In this instance, the application used email addresses from an old data breach in its password recovery feature, allowing attackers to obtain user credentials by matching leaked emails to hashed passwords in a rainbow table (a precomputed table of hashed passwords). The attacker was able to bypass rate-limiting and CAPTCHA protections by using a Python script to automate the process. The mechanism relied on a combination of brute force and dictionary attacks, taking advantage of weak password choices by some users. The impact was significant, as attackers could gain unauthorized access to user accounts. No bounty amount was disclosed, but the platform addressed the issue by implementing a more secure password recovery process that no longer relies on leaked email addresses. Key takeaway: Keep your code updated and data secure by regularly sanitizing and rotating credentials from historical breaches. #BugBounty #Cybersecurity #WebSecurity #PasswordRecovery #DataBreach
Exploiting SQL Injection to Bypass Login Authentication | PortSwigger Lab Write-up
This vulnerability was an SQL Injection in the login authentication process, bypassing user validation. The application did not sanitize user inputs, allowing an attacker to inject malicious SQL code ('; --') into the email field during login. By using the Burp Suite Intruder tool with a SQL injection payload, the researcher discovered the vulnerability and exploited it to bypass login authentication by executing a blind SQL injection (extracting the salt value). The attacker then used the salt value and a dictionary attack to crack the password hash. The impact included unauthorized access to user accounts. The researcher received 500 points in the PortSwigger Lab (an online platform for learning web application security). Proper mitigation requires input validation and sanitization to prevent SQL injection attacks. Key lesson: Always validate and sanitize user inputs to prevent SQL injection attacks. #BugBounty #Cybersecurity #WebSecurity #SQLInjection #InputValidation
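To make the login bypass concrete, here is an added example (not the lab's or the author's code) using an in-memory SQLite table: the string-built query lets a quote plus comment marker in the email field discard the password check, while the parameterised version compares the same input only as a literal. The table, the account `admin@lab.example` and the unsalted SHA-256 hashing are constructed for brevity; a real system would use a salted, slow password hash.

```python
import hashlib
import sqlite3


def build_lab_db() -> sqlite3.Connection:
    """Constructed in-memory users table standing in for the lab's database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (email TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)")
    # Unsalted SHA-256 keeps the example short; use a salted slow hash (bcrypt, Argon2) in practice.
    conn.execute("INSERT INTO users VALUES (?, ?)",
                 ("admin@lab.example", hashlib.sha256(b"correct-horse").hexdigest()))
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, email: str, password: str):
    """String-built query: the email field is spliced straight into the SQL, so a
    closing quote followed by `--` ends the string and comments out the hash check."""
    pw_hash = hashlib.sha256(password.encode()).hexdigest()
    query = (f"SELECT email FROM users WHERE email = '{email}' "
             f"AND pw_hash = '{pw_hash}'")
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_hardened(conn: sqlite3.Connection, email: str, password: str):
    """Parameterised query: values travel separately from the SQL text, so the
    same input can only ever be compared as an e-mail string, never parsed as SQL."""
    pw_hash = hashlib.sha256(password.encode()).hexdigest()
    row = conn.execute(
        "SELECT email FROM users WHERE email = ? AND pw_hash = ?",
        (email, pw_hash),
    ).fetchone()
    return row[0] if row else None
```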
Sunday, March 15, 2026
Day 73 of Year 3
Day 804 overall since Jan 1, 2024
💻 nhcarrigan-mentorship:
• Continued backend debugging
• Focused on identifying and fixing issues in API routes and database interactions
• Strengthened understanding of Express + Prisma workflows
Debugging is the path to mastery — every fix today makes tomorrow’s backend stronger! ⚡
#BackendDevelopment #WebSecurity #NodeJS #ExpressJS #PrismaORM #APIDevelopment #BuildInPublic #DevJourney #SoftwareEngineering
How I Found a Critical IDOR Leading to Account Takeover in Two EdTech Platforms
The vulnerability was an Insecure Direct Object Reference (IDOR) in two EdTech platforms, allowing account takeover through user profile manipulation. The flaw resulted from improper input validation, leading to user profiles being accessible via URL parameters. By constructing carefully crafted URLs containing other users' IDs, the researcher accessed their profiles without proper authentication. The attack vector involved using Burp Suite's Intruder tool to automate IDOR requests, sending payloads with incremental user IDs. The mechanism revolved around the application trusting the provided IDs without verifying their ownership or performing proper authorization checks. This IDOR flaw enabled the researcher to impersonate other users, potentially causing serious account takeovers. The researcher did not disclose specific bounty amounts or program responses. Proper mitigation requires implementing strict input validation and enforcing proper access control checks. Key lesson: Always validate user inputs and enforce proper access control to prevent unauthorized data access. #BugBounty #Cybersecurity #WebSecurity #IDOR #AccountTakeover #InputValidation
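As an added example (not code from the post or either platform), the profile lookup below shows the missing ownership check beside its hardened form, and a small log scan that flags the incremental-id sweep such a flaw invites. The profile store, user ids and access-log lines are constructed for the example.

```python
import re
from collections import defaultdict

# Constructed profile store: the numeric id is the URL parameter, owner is the account.
PROFILES = {
    101: {"owner": "u-ana", "name": "Ana", "grades": "A"},
    102: {"owner": "u-ben", "name": "Ben", "grades": "B"},
    103: {"owner": "u-cy", "name": "Cy", "grades": "C"},
}


def get_profile_vulnerable(session_user: str, profile_id: int):
    """Trusts the id from the URL: whoever is logged in can read any profile."""
    return PROFILES.get(profile_id)


def get_profile_hardened(session_user: str, profile_id: int):
    """Server-side authorisation: the record must belong to the caller. Returning
    None for both 'missing' and 'not yours' avoids confirming that an id exists."""
    profile = PROFILES.get(profile_id)
    if profile is None or profile["owner"] != session_user:
        return None
    return profile


# Constructed access-log lines: <timestamp> user=<account> GET /profile?id=<n> <status>
LOG = """\
2026-03-15T10:00:01Z user=u-ben GET /profile?id=102 200
2026-03-15T10:00:02Z user=u-ana GET /profile?id=101 200
2026-03-15T10:00:03Z user=u-ana GET /profile?id=102 200
2026-03-15T10:00:03Z user=u-ana GET /profile?id=103 200
2026-03-15T10:00:04Z user=u-ana GET /profile?id=104 404
"""
LINE_RE = re.compile(r"user=(?P<user>\S+) GET /profile\?id=(?P<pid>\d+)")


def find_enumerators(log: str, min_ids: int = 3) -> dict:
    """Flag accounts that request many distinct profile ids, the trace an
    incremental-id sweep leaves; reports (lowest id, highest id, count) per account."""
    seen = defaultdict(set)
    for line in log.splitlines():
        m = LINE_RE.search(line)
        if m:
            seen[m["user"]].add(int(m["pid"]))
    return {u: (min(ids), max(ids), len(ids)) for u, ids in seen.items() if len(ids) >= min_ids}
```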