← All tags

#Broken Access Control

18 posts

BugForge - Daily - Sokudo (Jul 2, 2026)

Sokudo's profile page saves through a hardened PUT /v2/profile endpoint that strips the role field, but the legacy non-versioned PUT /api/profile route binds every field blindly. By downgrading the request to the unversioned endpoint and adding role: admin, the account was escalated to administrator, unlocking the admin-only user listing that contained the flag…

Mass Assignment Privilege Escalation Broken Access Control API Versioning
Posted on 2026-07-02 20:00 4 min read

BugForge - Daily - Copy Pasta (Jun 25, 2026)

A broken access control flaw in collection sharing. A public collection share endpoint returns the contents of every assigned snippet without re-checking each snippet's own visibility, allowing a private snippet to be leaked by adding it to a public collection…

Broken Access Control IDOR
Posted on 2026-06-25 20:00 4 min read

BugForge - Weekly - Galaxy Dash (Mar 26, 2026)

This walkthrough demonstrates a broken access control vulnerability in a team management application. The application exposes user creation, update, and…

Broken Access Control Account Takeover
Posted on 2026-03-26 19:00 5 min read

BugForge - Weekly - Mesanet Portal (Mar 22, 2026)

This walkthrough demonstrates an OTP bypass and broken access control chain against the Mesanet Portal. Directory enumeration reveals a dev portal protected by…

Broken Access Control Otp Bypass
Posted on 2026-03-22 09:00 5 min read

BugForge - Daily - Cafe Club (Mar 15, 2026)

The Cafe Club application contains a Business Logic Flaw in its PUT /api/profile endpoint. The endpoint accepts a user-controlled JSON body and applies all…

Broken Access Control
Posted on 2026-03-15 19:00 4 min read

BugForge - Daily - Ottergram (Feb 28, 2026)

The Ottergram application contains an HTTP Verb Tampering vulnerability combined with an Insecure Direct Object Reference (IDOR) flaw in its comment…

Broken Access Control IDOR Http Verb Tampering
Posted on 2026-02-28 19:00 5 min read

BugForge - Daily - Gift Lab (Feb 19, 2026)

The Gift Lab application contains an Insecure Direct Object Reference (IDOR) vulnerability in its list sharing functionality. The application generates…

Broken Access Control IDOR
Posted on 2026-02-19 19:00 4 min read

BugForge - Daily - Ottergram (Feb 14, 2026)

The Ottergram application contains a Broken Access Control vulnerability in its comment update endpoint. After systematically analyzing the application's…

Broken Access Control Missing Authentication
Posted on 2026-02-14 19:00 4 min read

BugForge - Daily - Ottergram (Feb 7, 2026)

The Ottergram application contains a Missing Function Level Access Control vulnerability in its administrative post deletion endpoint. The application…

Broken Access Control Missing Function Level Access Control
Posted on 2026-02-07 19:00 4 min read

BugForge - Daily - Ottergram (Jan 31, 2026)

The Ottergram application contains an Insecure Direct Object Reference (IDOR) vulnerability in its profile update functionality. While the application…

IDOR Broken Access Control
Posted on 2026-01-31 20:00 4 min read

BugForge - Daily - Tanuki (Jan 27, 2026)

This challenge demonstrates an Insecure Direct Object Reference (IDOR) vulnerability in the profile update functionality. The application passes the username…

IDOR Broken Access Control
Posted on 2026-01-27 20:00 4 min read

BugForge - Daily - Sokudo (Jan 22, 2026)

This challenge demonstrates a broken access control vulnerability exploited through HTTP verb tampering on a typing test statistics endpoint. After…

Broken Access Control Http Verb Tampering
Posted on 2026-01-22 20:00 5 min read

BugForge - Daily - Copy Pasta (Jan 21, 2026)

This issue is a classic example of broken access control caused by trusting user-supplied object identifiers. A password reset endpoint accepts a userId…

Broken Access Control IDOR
Posted on 2026-01-21 20:00 4 min read

BugForge - Daily - Shady Oaks Finance (Jan 16, 2026)

Broken access control was identified where administrative endpoints were exposed without proper server-side authorization checks. By enumerating…

Broken Access Control
Posted on 2026-01-16 20:40 3 min read

BugForge - Daily - Ottergram (Jan 10, 2026)

The application exposes a GraphQL API with introspection enabled in production, allowing attackers to query the full API schema and discover sensitive…

Graphql Introspection IDOR Broken Access Control
Posted on 2026-01-10 20:00 5 min read

BugForge - Daily - Copy Pasta (Jan 7, 2026)

The CopyPasta application allows users to create and share code snippets with options to make them public or private. The snippet retrieval endpoint…

IDOR Broken Access Control
Posted on 2026-01-07 20:00 4 min read

BugForge - Daily - Shady Oaks Finance (Jan 2, 2026)

This vulnerability is a broken access control issue caused by insecure design, where the application trusts client-supplied input to set sensitive user…

Broken Access Control Parameter Tampering Insecure Design
Posted on 2026-01-02 20:00 6 min read

BugForge - Daily - Sokudo (Jan 1, 2026)

Exploited broken access control via HTTP verb tampering on the /api/stats endpoint: POST was blocked (404) but PUT lacked authorization, allowing stats…

Broken Access Control
Posted on 2026-01-01 20:00 4 min read
Zw4rts

© 2026 Zw4rts. All rights reserved.