writeups.xyz
/
Ophion Security (@OphionSecurity)
Title
Vulnerabilities
Programs
Authors
Customer account takeover in Shopify stores
Account Takeover
OAuth
Shopify
Ophion Security (@OphionSecurity)
Placeholder for Dayzzz: Abusing placeholders to extract customer informations
SSTI
Information Disclosure
GitHub
Ophion Security (@OphionSecurity)
Unauthorized access to Codespace secrets in GitHub
Logic Flaw
Broken Access Control
Account Takeover
GitHub
Ophion Security (@OphionSecurity)
Hacking our way into internal DBs with hardcoded authentication keys
JWT
SSO
Authentication Bypass
Security Misconfiguration
Undisclosed
Ophion Security (@OphionSecurity)
Page 1 of 1
writeups.xyz
/
Ophion Security (@OphionSecurity)