Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 3700 | Tale of a Misconfiguration in Password Reset | Password reset, Information disclosure | NA | Naveenroy | Bug Bounty | 2020-01-27 | 2023-06-13 |
| 3653 | Tale of Account Takeovers (Part-1) | Account takeover, HTTP parameter pollution, Password reset, OTP bypass | NA | Vijaysimha Reddy Bathini (@fatratfatrat) | Bug Bounty | 2020-02-22 | 2023-06-13 |
| 3607 | User's email disclosure via invalid password reset link [$250] | Password reset, Information disclosure | NA | Myo Min Thu (@myominthu1337) | Bug Bounty | 2020-03-13 | 2023-06-13 |
| 3603 | How I earned $800 for Host Header Injection Vulnerability | Host header injection, Password reset | NA | Pethuraj (@Pethuraj) | Bug Bounty | 2020-03-15 | 2023-06-13 |
| 3567 | Account Take Over without user Interaction | Password reset, Information disclosure, Account takeover | NA | Ravilla Bharath | Bug Bounty | 2020-04-02 | 2023-06-13 |
| 3562 | Playing with JSON Web Tokens for Fun and Profit | Password reset, Email verification bypass | NA | Muhammad Qasim Munir (@MeetAn0nym0us) | Bug Bounty | 2020-04-04 | 2023-06-13 |
| 3552 | How i Unlocked the blocked accounts? | Password reset, HTTP parameter pollution, IDOR | NA | Maria Zulfiqar | Bug Bounty | 2020-04-11 | 2023-06-13 |
| 3483 | Weak Cryptography in Password Reset to Full Account Takeover | Account takeover, Password reset, Cryptographic issues | NA | Harsh Bothra (@harshbothra_) | Bug Bounty | 2020-05-15 | 2023-06-13 |
| 3481 | Password Reset Poisoning leading to Account Takeover | Password reset, Account takeover | NA | Swapnil Maurya (@swapmaurya20) | Bug Bounty | 2020-05-16 | 2023-06-13 |
| 3471 | Multiple flaws leads to Account Takeover within an Application | Account takeover, Password reset | NA | Harshit Sengar (@sengarharshit1) | Bug Bounty | 2020-05-18 | 2023-06-13 |
| 3360 | How I was able to take over any account via the Password Reset Functionality. | Password reset, Account takeover | NA | Firas Fatnassi (@Fatnass1F1ras) | Bug Bounty | 2020-06-28 | 2023-06-13 |
| 3303 | The 3 Day Account Takeover | Logic flaw, Password reset, Account takeover, Bruteforce, Lack of rate limiting | NA | Mr. Beast (@__mr_beast__) | Bug Bounty | 2020-07-17 | 2023-06-13 |
| 3284 | A $5000 Account Takeover | Account takeover, Password reset | NA | neelam | Bug Bounty | 2020-07-25 | 2023-06-13 |
| 3255 | Multi-factor Auth Bypass with Password Reset Function | MFA bypass, Password reset, Account takeover | NA | Vaibhav Joshi (@vj0shii) | Bug Bounty | 2020-08-02 | 2023-06-13 |
| 3252 | Account takeover in cups.mail.ru | Logic flaw, Password reset, Account takeover | Mail.ru | kminthein / weev3 (@kyawminthein99) | Bug Bounty | 2020-08-03 | 2023-06-13 |
| 3249 | How I was able to do Mass Account Takeover[Bug Bounty] | Account takeover, Password reset | NA | Not Rickyy (@RickyyNot) | Bug Bounty | 2020-08-05 | 2023-06-13 |
| 3203 | Fun with header and forget password, with a twist: | Password reset, Host header injection | NA | Vuk Ivanovic | Bug Bounty | 2020-08-18 | 2023-06-13 |
| 3193 | Account Takeover For The Win 🏆 | Account takeover, Authentication flaw, Password reset | NA | Ricardo Iramar dos Santos (@ricardo_iramar) | Bug Bounty | 2020-08-24 | 2023-06-13 |
| 3107 | ATO via Host Header Poisoning | Host header injection, Account takeover, Password reset | NA | Shivam Kamboj Dattana (@sechunt3r) | Bug Bounty | 2020-10-08 | 2023-06-13 |
| 3045 | Chaining password reset link poisoning, IDOR, and information leakage to achieve account takeover at api.redacted.com | HTTP header injection | NA | Jadek Mark (@mase289) | Bug Bounty | 2020-11-10 | 2023-06-13 |
| 3031 | Account takeover through password reset | Account takeover, Password reset | NA | Omar Hamdy (@seaman00o) | Bug Bounty | 2020-11-14 | 2023-06-13 |
| 2995 | Chaining vulnerabilities lead to account takeover | Account takeover, Password reset, Open redirect, Lack of rate limiting | NA | Ahmed (@ahzsec) | Bug Bounty | 2020-12-01 | 2023-06-13 |
| 2889 | My first and last crit of 2020 on Hackerone | Lack of rate limiting, Bruteforce, IDOR, Password reset, Account takeover | NA | Takester (@dhiraj_ramteke) | Bug Bounty | 2021-01-16 | 2023-06-13 |
| 2864 | $500 For No Rate Limit On Forgot Password Page | Lack of rate limiting, Password reset | NA | BBHC (@community_bug) | Bug Bounty | 2021-01-27 | 2023-06-13 |
| 2770 | Hijacking Reset Password Link in https://www.niteflirt.com/ via Host Header Poising (Write Up) | Host header injection, Account takeover, Password reset | Niteflirt | Evan Ricafort (@evanricafort) | Bug Bounty | 2021-02-25 | 2023-06-13 |