Go Manila Bug

I found a simple vulnerability of GoManila, the app from Manila’s Office of the Mayor.

The app is using Firebase for the backend and the developer forgot to set the privacy settings thus anyone can visit the link and view its data on https://gomanila.firebaseio.com/.json

I reported it to the Office of the Mayor and settings was updated already.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

<span>%d</span> bloggers like this: