#Privilege Escalation
3 postsBugForge - Daily - Sokudo (Jul 2, 2026)
Sokudo's profile page saves through a hardened PUT /v2/profile endpoint that strips the role field, but the legacy non-versioned PUT /api/profile route binds every field blindly. By downgrading the request to the unversioned endpoint and adding role: admin, the account was escalated to administrator, unlocking the admin-only user listing that contained the flag…
Mass Assignment Privilege Escalation Broken Access Control API Versioning
Posted on 2026-07-02 20:00 4 min read
BugForge - Weekly - Fur Hire (Feb 28, 2026)
This walkthrough demonstrates two chained vulnerabilities in a job recruitment application. The /api/register endpoint exposes a role parameter that is…
Mass Assignment Privilege Escalation MFA Brute Force Rate Limit Bypass
Posted on 2026-02-28 09:00 7 min read
BugForge - Weekly - FurHire (Jan 11, 2026)
This walkthrough demonstrates a chained attack where a SQL Injection vulnerability in the job listing API endpoint (/api/jobs/{id}) is manually exploited using…
SQL Injection JWT Privilege Escalation
Posted on 2026-01-11 20:00 5 min read