| 5144 | PornHub: Email Confirmation Bypass |
Email verification bypass |
PornHub |
Vaxo Dai (@___0x00) |
Bug Bounty | 2016-09-04 | 2023-06-13 |
| 4384 | A Curious Case From Little To Complete Email Verification Bypass |
Email verification bypass
Authorization flaw |
NA |
Megaman (@N0_M3ga_Hacks) |
Bug Bounty | 2019-01-01 | 2023-06-13 |
| 4336 | A short tale of Account verification bypass |
Email verification bypass
Authorization flaw |
NA |
Satyendra Kumar |
Bug Bounty | 2019-01-27 | 2023-06-13 |
| 4190 | [CONFIRMATION BYPASS ] |
Email verification bypass
Information disclosure |
NA |
Navneet (@na5n33t) |
Bug Bounty | 2019-04-21 | 2023-06-13 |
| 3986 | break and bypass verification email |
Open redirect
Email verification bypass
Weak crypto |
Bukalapak |
Abdelhak Kharroubi |
Bug Bounty | 2019-08-07 | 2023-06-13 |
| 3562 | Playing with JSON Web Tokens for Fun and Profit |
Password reset
Email verification bypass |
NA |
Muhammad Qasim Munir (@MeetAn0nym0us) |
Bug Bounty | 2020-04-04 | 2023-06-13 |
| 2349 | How the use of hidden form fields lead to Email verification bypass |
Email verification bypass
Client-side enforcement of server-side security |
NA |
Yash Swarup (@wazirsec) |
Bug Bounty | 2021-08-03 | 2023-06-13 |
| 1966 | Bounty Evaluation GitHub = $15,000 US Dollars | Rate Limit |
Bruteforce
Email verification bypass
Account takeover |
GitHub |
Taniya Agarwal |
Bug Bounty | 2021-12-28 | 2023-06-13 |
| 1894 | How I was able to take over accounts in websites deal with Github as an SSO provider |
Bruteforce
Lack of rate limiting
SSO
Email verification bypass
Account takeover |
NA |
Khaled Mohamed |
Bug Bounty | 2022-01-25 | 2023-06-13 |
| 1718 | Bypass confirmation to add payment method. |
Email verification bypass
Logic flaw |
NA |
Yaj Desu |
Bug Bounty | 2022-03-18 | 2023-06-13 |
| 1514 | Weird Email Verification Bypass |
Email verification bypass |
NA |
Vaibhav Atkale |
Bug Bounty | 2022-05-28 | 2023-06-13 |
| 1413 | My First Apple Bug And My First Writeup |
IDOR
Email verification bypass |
Apple |
Banavath Aravind (@nanicyb) |
Bug Bounty | 2022-06-29 | 2023-06-13 |
| 1255 | Email Confirmation bypass at Instagram |
Email verification bypass
Logic flaw |
Meta / Facebook |
Avinash Kumar (@itsavinash_) |
Bug Bounty | 2022-08-10 | 2023-06-13 |
| 1234 | An Unusual Tale of Email Verification Bypass |
Email verification bypass
Bruteforce
Rate limiting bypass |
NA |
Sagar Sajeev (@Sagar__Sajeev) |
Bug Bounty | 2022-08-13 | 2023-06-13 |
| 522 | How I bypassed the registration validation and logged-in with the company email |
Email verification bypass |
NA |
Khaledyassen |
Bug Bounty | 2023-01-30 | 2023-06-13 |
| 467 | We Hacked GitHub for a Month: Here’s What We Found |
Pre-account takeover
Broken Access Control
Email verification bypass
Logic flaw |
GitHub |
Shivam Kumar Singh (@MrRajputHacker) |
Bug Bounty | 2023-02-11 | 2023-06-13 |
| 364 | Email Verification Bypass Worth $$$ |
Email verification bypass |
NA |
the_unluck_guy (@7he_unlucky_guy) |
Bug Bounty | 2023-03-03 | 2023-06-13 |
| 284 | Easy $$$ via API params manipulation leading to bypassing the email verification block |
Mass assignment
Email verification bypass |
NA |
Fares Walid (@SirBagoza) |
Bug Bounty | 2023-03-18 | 2023-06-13 |
