WRITEUP #1817

Part 2

IDOR, Lack of rate limiting, Logic flaw
by @0x4kd (0x4KD)
Program: -
Published: Dec 12, 2022
Added to HackDex: Dec 12, 2022
Read Full Writeup: https://0x4kd.medium.com/graphql-exploitation-techniques-fintech-bug-bounty-part-2-b05b9cb7d64b
RELATED WRITEUPS
Logic Flaw: I Can Block You from Accessing Your Own Account
Logic Bug, Logic flaw
Zomatoooo! IDOR in Saved Payments
IDOR
“Like” Bypass on Customer Reviews — €500 bounty
Logic Bug, Logic flaw
How I got my first $13500 bounty through Parameter Polluting (HPP)
IDOR, XSS
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
API, GraphQL

Built with ❤️ by Shubham Rawat