Author: bugdiscloseguys

Any user can edit any list.

Hey there, I hope you guys are doing great out there. While I was hunting Instacart, I found that any user from whom a list is shared via link or any random list is...

Privilege Escalation From Manager To Admin.

Hello users, while I was working around with Sentry, which is a public program on HackerOne, I found that I was able to escalate myself from manager to admin. An admin is the only person...

Coinbase Partial 2FA Bypass On Enabling Recurring Payments.

Hello users, while I was pentesting Coinbase, I noticed that while creating a recurring payment when 2FA is enabled, it asks the user to enter a verification code. So when someone confirms the recurring payment...

Read-only share recipient can restore old versions of file.

Description: The restore capability of Nextcloud was not verifying whether a user has only read-only access to a share. Thus a user with read-only access was able to restore old versions. Affected Software: Nextcloud...

Non-Deletable Co-Admin Due To Change Name Functionality

Hey users… I found something unusual while I was working with username.bime.io. I noticed when an admin adds a new admin, let's name him X. So after creating a new user, admin can...