Azhari HarahapIDOR at the Get Payment Data Endpoint Leads to Personal Identifiable Information (PII) DisclosureIn this post, I will show you how I discovered an Insecure Direct Object Reference (IDOR) vulnerability at the Get Payment Data endpoint.Jul 171Jul 171
Azhari HarahapBroken Access Control (IDOR) & Credential Leak at Legacy API Video TranscodeHello everyone,May 152May 152
Azhari HarahapRace Condition on Change Email Leads to Arbitrary Email ForgeryHello everyone,Apr 196Apr 196
Azhari HarahapBroken Access Control (IDOR) on Forgot Password Could Lead to Attacker Change Password for Every…Hello everyone,Apr 121Apr 121
Azhari HarahapHow I Helped Indonesian Startup Company to Prevent Millions of PII Data LeaksHello everyone,Jan 102Jan 102