Back to directory
WRITEUP #3367

Improper phone number validation to account takeover

Logic BugLogic flawOTP bypassAccount takeover
by@Cyb3r_4ss4s1n(shesha sai_c)
Program
-
Published
Sep 27, 2021
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://sheshasai.medium.com/improper-phone-number-validation-to-account-takeover-f8b78b08ed05
RELATED WRITEUPS
Logic Flaw: I Can Block You from Accessing Your Own Account
Logic BugLogic flaw
“Like” Bypass on Customer Reviews — €500 bounty
Logic BugLogic flaw
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP
Auth BypassAccount takeover
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Self-XSS to ATO via Site Features
XSSSelf-XSS

Built with ❤️ by Shubham Rawat