The very first thing that should catch our attention is that it is a Flask application; therefore, one should check for SSTI (server-side template injection). Now the job is to identify which template engine is in use. Using the payload
the output 7777777 in the response box indicates that it is…
Malicious File Upload
A large number of the bugs found these days are XSS, SQL injection, IDOR, etc. However, even a bug of low complexity but high severity can score you a good bounty. All you need is creativity.
There is a website, let’s say redacted.com (for bug disclosure reasons), that provides users…