Ep. 8 – OTP Flaw & Remote Code Execution: When Small Flaws Go Critical

Update: 2025-04-24
Description

A broken logout flow let attackers hijack accounts using just a user ID.
A self-XSS and an IDOR exposed stored data, and a forgotten internal tool running outdated software ended in full Remote Code Execution.

This episode is all about how small bugs, missed checks, and overlooked services can lead to serious consequences.

Chapters:

00:00 - INTRO

01:22 - FINDING #1 - The Logout That Logged You In

07:12 - FINDING #2 - From Signature Field to Shell Access

14:40 - OUTRO

Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode!

📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A
📧 Feedback? Email Us podcast@quailu.com.au

Amin Malekpour