WebVerse Writeups

WebVerse

Herbalist Remedies

Herbalist Remedies — an herbal-blend catalog — builds its MongoDB login query straight from whatever the form submits, objects included. Slip an operator in and see who else is home.

By Minatour 26 Apr 2026

WebVerse

Trace Control

Trackboard, an internal issue tracker, rolled to production with display_errors accidentally left on. Its /issues page has a numeric id param and a loose sense of type safety. Coax a database error to tell you what you need.

By Minatour 26 Apr 2026

WebVerse

SwiftSearch Hotels

SwiftSearch's hotel API accepts a JSON filter body that's merged straight into a MongoDB-style query. Ordinary users filter by city and price; operators slip in just as easily.

By Minatour 26 Apr 2026
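The two MongoDB entries above (Herbalist Remedies and SwiftSearch Hotels) share one root cause: values taken from a JSON body are placed into the query unchanged, so a client that sends an object such as {"$ne": null} where the server expected a string rewrites the query's logic. The example below is added here to show that mechanism and its fix; it is not code from either challenge or from the WebVerse authors. The collections, field names, the tiny `find()` stand-in for a Mongo driver and the request bodies are all constructed for the illustration, and only the handful of operators needed is implemented.

```python
import json
import re

# Constructed in-memory collections standing in for MongoDB; not real data.
USERS = [
    {"username": "alice", "password": "s3cret-alice", "role": "user"},
    {"username": "root", "password": "hunter2-root", "role": "admin"},
]
HOTELS = [
    {"name": "Harbor Inn", "city": "Lisbon", "price": 90, "listed": True},
    {"name": "Tagus View", "city": "Lisbon", "price": 210, "listed": True},
    {"name": "Staff Crash Pad", "city": "Lisbon", "price": 0, "listed": False},
]


def _matches(value, cond):
    """Evaluate one field against a Mongo-style condition: a literal means
    equality, a dict is an operator object. Only the operators used in this
    example are implemented; this is a stand-in, not a driver."""
    if not isinstance(cond, dict):
        return value == cond
    for op, arg in cond.items():
        if op == "$ne":
            ok = value != arg
        elif op == "$gt":
            ok = isinstance(value, (int, float)) and isinstance(arg, (int, float)) and value > arg
        elif op == "$lte":
            ok = isinstance(value, (int, float)) and isinstance(arg, (int, float)) and value <= arg
        elif op == "$regex":
            ok = isinstance(value, str) and re.search(arg, value) is not None
        else:
            raise ValueError(f"operator not implemented in this stand-in: {op}")
        if not ok:
            return False
    return True


def find(docs, query):
    """Stand-in for collection.find(): every key of the query must match."""
    return [d for d in docs if all(_matches(d.get(k), v) for k, v in query.items())]


# --- Login: the query inherits whatever types the JSON body carried -------

def login_vulnerable(body):
    data = json.loads(body)
    # A client that sends {"$ne": null} instead of a string turns the password
    # check into "password is anything"; the first matching user is returned.
    hits = find(USERS, {"username": data["username"], "password": data["password"]})
    return hits[0]["username"] if hits else None


def login_hardened(body):
    data = json.loads(body)
    user, pw = data.get("username"), data.get("password")
    # Operator objects arrive as dicts, so a strict string check excludes them.
    if not isinstance(user, str) or not isinstance(pw, str):
        raise ValueError("credentials must be strings")
    hits = find(USERS, {"username": user, "password": pw})
    return hits[0]["username"] if hits else None


# --- Search: a client filter merged into the server's own query ----------

def search_vulnerable(body):
    query = {"listed": True}
    query.update(json.loads(body))  # client keys override the server's own
    return [h["name"] for h in find(HOTELS, query)]


def search_hardened(body):
    data = json.loads(body)
    query = {"listed": True}  # fixed by the server, never overridable
    if "city" in data:
        if not isinstance(data["city"], str):
            raise ValueError("city must be a string")
        query["city"] = data["city"]
    if "max_price" in data:
        # bool is a subclass of int in Python; exclude it explicitly.
        if not isinstance(data["max_price"], (int, float)) or isinstance(data["max_price"], bool):
            raise ValueError("max_price must be a number")
        query["price"] = {"$lte": data["max_price"]}  # operator chosen server-side
    return [h["name"] for h in find(HOTELS, query)]


if __name__ == "__main__":
    print(login_vulnerable('{"username": "root", "password": {"$ne": ""}}'))
    print(search_vulnerable('{"listed": {"$ne": null}}'))
    print(search_hardened('{"city": "Lisbon", "max_price": 100}'))
```

The hardened variants never hand a client-controlled structure to the query builder: the server decides which fields, which operators and which types are allowed, and everything else is rejected or ignored. Rejecting keys that start with `$` is a common extra layer, but it is not sufficient on its own, because an unexpected key at the top level (`listed` above) is just as harmful as an operator.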

WebVerse

Voucher Vault

Redzone Rewards — an internal employee rewards portal — exposes a voucher search that concatenates user input straight into a SELECT. Find the hidden administrative voucher.

By Minatour 26 Apr 2026

WebVerse

Ember Kettle

A small tea shop's brand-new online catalog has a search bar that trusts everything you give it. No filter, no escape, no second thoughts.

By Minatour 26 Apr 2026

WebVerse

Shadow Registrar

RegistryPro's WHOIS terminal returns three things: a status word, a reflected domain name, and a lookup time. The query layer accepts stacked statements. Everything you need leaks through the clock.

By Minatour 26 Apr 2026
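Voucher Vault, Ember Kettle and Shadow Registrar are three faces of the same defect: user input spliced into SQL text. The example below is added here to show that pattern, the parameterized fix, and the difference an API makes when it accepts stacked statements; it is not code from any of the challenges or from the WebVerse authors. The SQLite table, the voucher rows and the payloads are constructed for the illustration, and the timing side channel from Shadow Registrar is not reproduced (SQLite has no sleep function).

```python
import sqlite3


def make_db():
    """Constructed in-memory stand-in for a vouchers table; not the site's data."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE vouchers (code TEXT, description TEXT, is_admin INTEGER);
        INSERT INTO vouchers VALUES ('SPRING10', 'Ten percent off spring blends', 0);
        INSERT INTO vouchers VALUES ('WELCOME5', 'New-starter credit', 0);
        INSERT INTO vouchers VALUES ('ADM-OVERRIDE', 'Administrative voucher', 1);
    """)
    return conn


def search_concatenated(conn, term):
    """Vulnerable pattern: the term is spliced into the SQL text, so a quote in
    it ends the string literal and the remainder is parsed as SQL."""
    sql = ("SELECT code FROM vouchers WHERE is_admin = 0 "
           "AND description LIKE '%" + term + "%'")
    return [row[0] for row in conn.execute(sql)]


def search_parameterized(conn, term):
    """Fix: the statement text is constant and the term travels as a bound
    value, so it can only ever be compared, never parsed."""
    sql = "SELECT code FROM vouchers WHERE is_admin = 0 AND description LIKE ?"
    return [row[0] for row in conn.execute(sql, ("%" + term + "%",))]


def search_multi_statement(conn, term):
    """Same concatenation, but through an API that accepts stacked statements
    (sqlite3's executescript). A ';' in the term now runs a second statement."""
    sql = "SELECT code FROM vouchers WHERE description LIKE '%" + term + "%'"
    conn.executescript(sql)  # executescript discards SELECT results


def single_statement_api_rejects(conn, term):
    """Check: execute() refuses more than one statement per call, so the stacked
    payload fails there even though the concatenation itself is still wrong.
    Older Python versions raise sqlite3.Warning, newer ones ProgrammingError."""
    sql = "SELECT code FROM vouchers WHERE description LIKE '%" + term + "%'"
    try:
        conn.execute(sql)
    except (sqlite3.Error, sqlite3.Warning):
        return True
    return False


def table_exists(conn, name):
    row = conn.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = ?", (name,)
    ).fetchone()
    return row is not None


if __name__ == "__main__":
    db = make_db()
    print(search_concatenated(db, "spring"))
    print(search_concatenated(db, "x' OR is_admin = 1 -- "))   # admin row leaks
    print(search_parameterized(db, "x' OR is_admin = 1 -- "))  # nothing matches
```

The `is_admin = 0` clause in the concatenated query is exactly the kind of server-side restriction that injection defeats: once the term closes the quote, `OR is_admin = 1` is evaluated as part of the WHERE clause rather than compared against descriptions. The stacked-statement check is worth running against whatever driver a real application uses, since the single-statement limit is a property of the API call, not of the database.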

WebVerse

Traverse

Traverse Docs' knowledge base. A clean documentation site — but how does it serve those pages under the hood?

By Minatour 26 Apr 2026

WebVerse

Schematic

Schematic Inc's internal product dashboard. The frontend shows you what they want you to see — what's behind it?

By Minatour 26 Apr 2026

WebVerse

Gatekeeper

Gatekeeper Corp's employee intranet. The internal dashboard holds sensitive company memos — can you find a way in?

By Minatour 26 Apr 2026

WebVerse

Sandpiper Stationery

A boutique stationer's shipment-tracking form politely echoes your reference number back into the page. Too politely.

By Minatour 26 Apr 2026

WebVerse

Rivet & Tack

A family leather shop reflects your order ID right into the page — and can't be bothered with quote marks around the attribute.

By Minatour 26 Apr 2026

WebVerse

Fermata

A piano-tuner booking site still has a debug comment baked into production. It echoes your input — right into an HTML comment.

By Minatour 26 Apr 2026
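Sandpiper Stationery, Rivet & Tack and Fermata reflect input into three different HTML contexts (text, an unquoted attribute value, a comment), and the point that ties them together is that output encoding only works if it matches the context. The example below is added here to make that visible; it is not code from the challenges or from the WebVerse authors. The templates, payloads and the terminator-based breakout check are constructed for the illustration: the check asks whether the encoded fragment still contains the characters that end its context, which is a heuristic rather than a browser parse.

```python
import html
import re

# Constructed payloads, one per reflection context.
PAYLOADS = {
    "text": "<script>alert(1)</script>",
    "attr_unquoted": "ORD-1 onmouseover=alert(1)",
    "attr_quoted": '" onmouseover="alert(1)',
    "comment": "--><script>alert(1)</script>",
}

# What the HTML parser treats as the end of each context. A fragment that still
# contains the terminator after encoding has left the context it was put into.
BREAKS_OUT = {
    "text": lambda s: "<" in s,
    "attr_unquoted": lambda s: re.search(r"[\s>]", s) is not None,
    "attr_quoted": lambda s: '"' in s,
    "comment": lambda s: "-->" in s or "--!>" in s,
}

# Candidate output encodings applied to the fragment before insertion.
ENCODERS = {
    "raw": lambda s: s,
    "html_escape": lambda s: html.escape(s, quote=True),
}


def render(context, fragment):
    """Hypothetical sinks modelled on the three teasers (constructed templates)."""
    if context == "text":
        return f"<p>Tracking reference: {fragment}</p>"
    if context == "attr_unquoted":
        return f'<input name="order" value={fragment}>'
    if context == "attr_quoted":
        return f'<input name="order" value="{fragment}">'
    if context == "comment":
        return f"<!-- debug: input was {fragment} -->"
    raise KeyError(context)


def audit():
    """For every (context, encoder) pair, report whether the encoded payload
    still escapes its context. Returns {(context, encoder): bool}."""
    results = {}
    for ctx, payload in PAYLOADS.items():
        for name, enc in ENCODERS.items():
            results[(ctx, name)] = BREAKS_OUT[ctx](enc(payload))
    return results


def attribute_fix_holds(fragment):
    """The fix for an unquoted-attribute sink: quote the attribute value and
    escape quotes inside it. True when the fragment can no longer leave the
    (now quoted) attribute."""
    return not BREAKS_OUT["attr_quoted"](html.escape(fragment, quote=True))


if __name__ == "__main__":
    for ctx, payload in PAYLOADS.items():
        print(render(ctx, payload))
    for (ctx, enc), broken in sorted(audit().items()):
        print(f"{ctx:14s} {enc:12s} breaks out: {broken}")
```

Running the audit shows that `html.escape` is enough for text, for a quoted attribute and for a comment (it encodes the `>` that would close `-->`), but does nothing for the unquoted attribute, because the payload needs no special character at all: a space ends the value and the rest becomes a new attribute. The fix there is structural (quote the attribute), not a stronger escaper. For the comment sink the better fix is simply not to ship debug comments that echo input.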