sensitive-data-exposure 13

• SQL Injection – Secret Extraction from Internal Logs Console | Vibed May 21, 2026
• Sensitive Information Disclosure – Secrets Exposed in Base64 Session Cookie | Cookie Cutter May 20, 2026
• Information Disclosure – Sensitive Debug Header Leakage via Response Metadata | Header Hunt May 19, 2026
• IDOR via WebSocket Subscription – Cross-Order Data Exposure | JoyStick May 16, 2026
• GraphQL Introspection and Sensitive Data Exposure | Ottergram May 9, 2026
• File Extension Blacklist Bypass – Unrestricted Upload to RCE | Hackviser Lab May 4, 2026
• File Signature Bypass – Polyglot File Upload to RCE | Hackviser Lab May 4, 2026
• MIME Type Filter Bypass – Unrestricted File Upload to RCE | Hackviser Lab May 4, 2026
• Unrestricted File Upload – RCE Leading to Database Credential Disclosure | Hackviser Lab May 4, 2026
• Information Disclosure – Sensitive Data Exposure via Source Code, Headers & Public Files | Hidden in Plain Sight Apr 11, 2026
• Unauthenticated Access – MySQL Misconfiguration Leading to Data Exposure | Query Gate Mar 29, 2026
• Anonymous Access – FTP Misconfiguration Leading to Credential Disclosure | File Hunter Mar 29, 2026
• IDOR – Password Disclosure via Insecure Direct Object Reference | User ID Controlled by Request Parameter Mar 29, 2026