Back to directory

WRITEUP #2748

Package Planting: Are You [Unknowingly] Maintaining Poisoned Packages?

Logic BugLogic flaw

byYakir Kadkoda

Program

GitHub

Published

Apr 26, 2022

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://blog.aquasec.com/npm-package-planting

▸ RELATED WRITEUPS

Logic Flaw: I Can Block You from Accessing Your Own Account

Logic BugLogic flaw

“Like” Bypass on Customer Reviews — €500 bounty

Logic BugLogic flaw

Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP

Auth BypassAccount takeover

Built with ❤️ by Shubham Rawat