WRITEUP #3027

IDOR vulnerability on invoice and weak password reset leads to account take over

Tags: IDOR, Password reset, Account takeover, Payment tampering, Logic flaw
By: Damaidec
Program: -
Published: Feb 1, 2022
Added to HackDex: Nov 30, 2022
Read Full Writeup: https://medium.com/@damaidec/idor-vulnerability-on-invoice-and-weak-password-reset-leads-to-account-take-over-603b42143a8c
RELATED WRITEUPS
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
Tags: API, GraphQL
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP
Tags: Auth Bypass, Account takeover
Unlocking the Weak Spot: Exploiting Insecure Password Reset Tokens
Tags: RCE, Bruteforce
Logic Flaw: I Can Block You from Accessing Your Own Account
Tags: Logic Bug, Logic flaw
Interesting Story of an Account Takeover Vulnerability
Tags: Auth Bypass, Account takeover

Built with ❤️ by Shubham Rawat