Back to directory
WRITEUP #5925

#BugBounty - Compromising User Account- "How I was able to compromise user account via HTTP Parameter Pollution(HPP)"

Auth BypassHTTP parameter pollutionPassword resetAccount takeover
by@logicbomb_1(Avinash Jain)
Program
-
Published
Jul 7, 2018
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/@logicbomb_1/bugbounty-compromising-user-account-how-i-was-able-to-compromise-user-account-via-http-4288068b901f
RELATED WRITEUPS
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center
Auth Bypass2FA / MFA bypass
Forced SSO Session Fixation
Auth BypassSSO
Account takeover on 8 years old public program
Auth BypassAccount takeover
Breaking the Barrier: Admin Panel Takeover Worth $3500
Auth BypassAuthentication bypass

Built with ❤️ by Shubham Rawat