Go Manila Bug

I found a simple vulnerability of GoManila, the app from Manila’s Office of the Mayor.

The app is using Firebase for the backend and the developer forgot to set the privacy settings thus anyone can visit the link and view its data on https://gomanila.firebaseio.com/.json

I reported it to the Office of the Mayor and settings was updated already.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

  You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

  You are commenting using your Twitter account. Log Out /  Change )

  You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s