Back to directory
WRITEUP #5931

Chaining Multiple Vulnerabilities to Gain Admin Access

IDORAccount takeover
by@nahamsec(Ben Sadeghipour)
Program
-
Published
Jul 2, 2018
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://www.nahamsec.com/posts/chaining-multiple-vulnerabilities-to-gain-admin-access
RELATED WRITEUPS
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
APIGraphQL
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Self-XSS to ATO via Site Features
XSSSelf-XSS
Zomatoooo! IDOR in Saved Payments
IDOR
CSRF Bypass Using Domain Confusion Leads To ATO
CSRFAccount takeover

Built with ❤️ by Shubham Rawat