Back to directory
WRITEUP #4688

One Param => $10k

IDORXSSAccount takeover
by@bilalmerokhel(Bilal Khan)
Bounty
10,000
Program
-
Published
May 17, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/@bilalmerokhel/one-param-10k-9d80a33f5eb5
RELATED WRITEUPS
Self-XSS to ATO via Site Features
XSSSelf-XSS
How I got my first $13500 bounty through Parameter Polluting (HPP)
IDORXSS
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
APIGraphQL
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHack
XSS

Built with ❤️ by Shubham Rawat