information-disclosure 19

• Multi-Step Access Control Bypass Leads to Administrative Compromise | Tamper Temple Jun 6, 2026
• Information Disclosure – Sensitive Resource Exposure via robots.txt | Sundial Observatory May 30, 2026
• Information Disclosure – Redirect Debug Comment Exposure | Redirect Run May 30, 2026
• Information Disclosure – Sensitive HTML Comment Exposure | Vellichor Press May 30, 2026
• Information Disclosure – Debug Branch Receipt Exposure | Quikpay Receipts May 29, 2026
• Information Disclosure – Client-Side Analytics Exposure | Pebble & Pine May 28, 2026
• Exposed Git Repository Information Disclosure | Loop & Roam Records May 27, 2026
• Local File Inclusion via Double URL Encoding | Mirage May 27, 2026
• GraphQL Information Disclosure – System Configuration Exposure | Schematic May 26, 2026
• Sensitive Information Disclosure – Secrets Exposed in Base64 Session Cookie | Cookie Cutter May 20, 2026
• Information Disclosure – Sensitive Debug Header Leakage via Response Metadata | Header Hunt May 19, 2026
• SQL Injection to Admin Access – Hidden Identity Exposure | The Caretaker May 17, 2026
• LDAP Injection – Hidden Registrar Archive Disclosure | Saint Croix University May 15, 2026
• GraphQL Introspection and Sensitive Data Exposure | Ottergram May 9, 2026
• UUID-Based IDOR Through Member API | Apex May 9, 2026
• Local File Inclusion – Arbitrary File Read Leading to Flag Disclosure | Corridor May 1, 2026
• SQL Injection – Full Database Extraction via Search Function | Flower Apr 30, 2026
• Information Disclosure – Sensitive Data Exposure via Source Code, Headers & Public Files | Hidden in Plain Sight Apr 11, 2026
• Broken Access Control – Unprotected Admin Panel via Unpredictable URL Leading to Privilege Escalation | Unprotected Admin Panel Mar 28, 2026