WRITEUP #6399

TopCoder.com Vulnerabilities – A tail of site-wide bugs leads to accounts compromise & payments hijacking

CSRFAccount takeover

byMohamed A. Baset

Program

Topcoder.com

Published

Jun 28, 2016

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://www.seekurity.com/blog/general/topcoder-vulnerabilities-a-tail-of-site-wide-bugs-leads-to-accounts-compromise-payments-hijacking/

▸ RELATED WRITEUPS

CSRF Bypass Using Domain Confusion Leads To ATO

CSRFAccount takeover

Interesting Story of an Account Takeover Vulnerability

Auth BypassAccount takeover

Self-XSS to ATO via Site Features

XSSSelf-XSS

Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities

XSSReflected XSS

Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center

Auth Bypass2FA / MFA bypass

Built with ❤️ by Shubham Rawat