one famous “vulnerability” was when a guy noticed his Apple ID Login had basically “User1234” in the URL. So, out of curiosity he decided to make it “User1235” instead… and the site just showed him that person’s private profile information. WILDLY unsecure, and CLEARLY Apple’s fault, yet having found that and did it (presumably a bunch) he then got prison time.

Also one time I was researching a company and found what’s called a “github” which still had leftover style information from old websites this company ran but that didn’t exist anymore. I discovered style information for an old website tool that let you schedule a meeting with the CTO when you won a contest they’d run… and so I copy and pasted the URL in their style code, and it took me to the CTO’s google calendar inviting me to schedule myself a meeting. The website hadn’t existed for quite a while most likely but that old link still worked so I went ahead and scheduled my own second job interview.

A lot of vulnerabilities are more sophisticated but at least some of the time it’s just some dumb oversight that nobody thought of yet. Lots of tech companies even have what’s called a “bug bounty” where if you find something like that, they will pay you to tell them what it is so they can fix it.