Black & White Path

Feb 14, 2026 · Information Security

How I Uncovered Critical Vulnerabilities in an EDU Certificate Site

The author details a step‑by‑step security assessment of an EDU certificate platform, revealing edge asset discovery, unauthorized .map file leakage, arbitrary file download and upload, path‑traversal flaws, and credential exposure via Bash history, culminating in high‑severity findings.