Abhi Sharma | 1000$ IDOR : Unauthorized Project Inclusion in Expense | Hi Everyone! Today, I’m excited to talk about a critical vulnerability I discovered in a platform (let’s call it ExamFit), which allowed… | 5h ago
Abhi Sharma | NewLine Character Cause DoS: Folder & File Deletion Flaw | Discover how a subtle flaw in ExampleHub, a pivotal platform for collaborative data management, has exposed users to a security risk. This… | Jul 12
Abhi Sharma | $500 for Cracking Invitation Code For Unauthorized Access & Account Takeover | Hi everyone! Today, I’m excited to share a fascinating vulnerability I discovered in a platform we’ll call “ExampleSpark.” This particular… | Jul 64
Abhi Sharma in InfoSec Write-ups | 1500$: CR/LF Injection | Hi Everyone, how are you all doing? In this article, I’m going to talk about a CR/LF bug I discovered in a private program which I’m going to… | Mar 237
Abhi Sharma | Bypass Rate Limit on authentication endpoints like a pro………! | In the world of ethical hacking, mastering the art of bypassing rate limits can be a game-changer and help you get more bounties. Let’s… | Feb 242
Abhi Sharma in InfoSec Write-ups | The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changes | Feb 41
Abhi Sharma | 500$: MFA bypass By Race Condition | The article is about a bug I found when I was trying to break the other logic in the software. But instead I found a way to bypass the… | Jan 273
Abhi Sharma | 921$ Privilege Escalation: Unauthorized User Addition to Shared APP Connections | This article is about a bug which I found in Nov. of last year which allows a low-level and unauthorized user to add a new user in shared… | Jan 205
Abhi Sharma in InfoSec Write-ups | Regeneration of API key by low level user: 500$ Access Control bug | I recently uncovered a flaw that permits regular users to regenerate API keys for the test suite, utilizing an API endpoint originally… | Jan 134
Abhi Sharma in InfoSec Write-ups | 500$ Access Control Bug: Performed Restricted Actions in Developer Settings by low level user. | Recently, I found an interesting bug during my testing that enables a supporter to carry out restricted actions within the developer… | Jan 63