writeups.xyz
/
Mohsin Khan (@Tabaahi_)
Title
Vulnerabilities
Programs
Authors
A business Logic issue worth $1500
Logic Flaw
Undisclosed
Mohsin Khan (@Tabaahi_)
Account verification code bypass lead to a $4000 bounty
OTP Bypass
Undisclosed
Mohsin Khan (@Tabaahi_)
Full account takeover worth $1000 Think out of the box
Account Takeover
CSRF
IDOR
Undisclosed
Mohsin Khan (@Tabaahi_)
IDOR via Websockets allow me to takeover any users account
IDOR
Undisclosed
Mohsin Khan (@Tabaahi_)
Page 1 of 1
writeups.xyz
/
Mohsin Khan (@Tabaahi_)