Back to directory

WRITEUP #6125

#BugBounty — How I was able to delete anyone’s account in an Online Car Rental Company

CSRFParameter tampering

by@logicbomb_1(Avinash Jain)

Program

-

Published

Jan 14, 2018

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://medium.com/bugbountywriteup/bugbounty-how-i-was-able-to-delete-anyones-account-in-an-online-car-rental-company-8a4022cc611

▸ RELATED WRITEUPS

Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities

XSSReflected XSS

CSRF Bypass Using Domain Confusion Leads To ATO

CSRFAccount takeover

[$500] How I was able to give verification badge to any YouTube channel and bypass needed requirements

OtherParameter tampering

Vulnerabilities in Homepage Dashboard

AI Under Siege: Discovering and Exploiting Vulnerabilities

Built with ❤️ by Shubham Rawat