Back to directory
WRITEUP #2096

In GUID We Trust

IDORPassword resetRace conditionAccount takeover
by@_danielthatcher(Daniel Thatcher)
Program
-
Published
Oct 11, 2022
Added to HackDex
Oct 17, 2022
Read Full Writeuphttps://www.intruder.io/research/in-guid-we-trust
RELATED WRITEUPS
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
APIGraphQL
Unlocking the Weak Spot: Exploiting Insecure Password Reset Tokens
RCEBruteforce
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Self-XSS to ATO via Site Features
XSSSelf-XSS
Zomatoooo! IDOR in Saved Payments
IDOR

Built with ❤️ by Shubham Rawat