Information discloser on Mixmax.com
Hii frends
So as you all know Information gathering is the most important phase of hacking a website.
So just I was finding the sub-domains of the mixmax.com and I found a Subdomain :
email.mixmax.com
And when I open it ,some non-critical Information about API was disclosing.
At first I ignore that because it was like just simple request and response but after when i took one more look some thing was obvious there that does not designed to be on.
So I reported it and Got Duplicate.
This post was for that is Don't ignore the Information gathering phase because it can contain big bounties link trello pass and ID discloser.
Contacts:
Facebook , Twitter , Github , Email
☺
So as you all know Information gathering is the most important phase of hacking a website.
So just I was finding the sub-domains of the mixmax.com and I found a Subdomain :
email.mixmax.com
And when I open it ,some non-critical Information about API was disclosing.
At first I ignore that because it was like just simple request and response but after when i took one more look some thing was obvious there that does not designed to be on.
So I reported it and Got Duplicate.
This post was for that is Don't ignore the Information gathering phase because it can contain big bounties link trello pass and ID discloser.
Contacts:
Facebook , Twitter , Github , Email
☺
This Vuln. Has not been patched then why you posted this here ?
ReplyDelete