Showing all posts tagged with "OWASP 2017 A3". You can also see all tags.
The web page for shipment information contained personal data - and it was possible to iterate through the data.
Personal info like Social Security numbers and personal documents were available. While I mostly hail the City of Bergen's handling of this issue, here are also the details they didn't tell you.
A web shop left their backup of all shopping data and their site in a publicly available directory - indexed by Google.
A newspaper published details about a newly discovered serious security vulnerability. Here are the details that the newspaper article did not give.
Information about as many as maybe 1.5 million past, current and future hotel stays were openly accessible on the Internet.