Hello everyone... Here I'm presenting a writeup on the Unrestricted File Upload vulnerability that I found on a renowned company. Since I should not disclose the real domain, let's say it is redacted.com This is the first bug that I found and got paid $116 . This is easy to find and I think it took around 15 minutes to find and exploit. But not all bugs can be found in a short span. There are even days where I didn't find any. But every time I try to hunt on a program I learned something new because I do a lot of googling to understand how applications work. Moreover, I do bug bounty part-time for fun. Rewards or bounty that we get in return will boost our interest to do more hunting. All the programs that we can hunt for bugs are like a playground for me to practice what I learned. Without wasting your time let's get into the writeup. Vulnerability description This bug was found on a domain appsadmin.redacted.com I did subdomain enumeration on red...
Application Security, Competitive Programming, Linux and Technology