| Increasing impact of Information Disclosure — Full Account Takeover ! |
|
|
|
| An Interesting Account Takeover!! |
|
|
|
| Account Takeover Via Reset Password Worth 2000$ |
|
|
|
| How I Might Have Hacked Any Microsoft Account |
|
|
|
| IDOR which allowed me to view Personal Email Addresses of More than 50K Users! |
|
|
|
| Password Reset Token Leak via X-Forwarded-Host |
|
|
|
| Hijacking Reset Password Link in https://www.niteflirt.com/ via Host Header Poising (Write Up) |
|
|
|
| $500 For No Rate Limit On Forgot Password Page |
|
|
|
| My first and last crit of 2020 on Hackerone |
|
|
|
| Chaining vulnerabilities lead to account takeover |
|
|
|
| Account takeover through password reset |
|
|
|
| ATO via Host Header Poisoning |
|
|
|
| Account Takeover For The Win 🏆 |
|
|
|
| Fun with header and forget password, with a twist: |
|
|
|
| How I was able to do Mass Account Takeover[Bug Bounty] |
|
|
|
| Account takeover in cups.mail.ru |
|
|
|
| Multi-factor Auth Bypass with Password Reset Function |
|
|
|
| A $5000 Account Takeover |
|
|
|
| The 3 Day Account Takeover |
|
|
|
| How I was able to take over any account via the Password Reset Functionality. |
|
|
|
| Multiple flaws leads to Account Takeover within an Application |
|
|
|
| Password Reset Poisoning leading to Account Takeover |
|
|
|
| Weak Cryptography in Password Reset to Full Account Takeover |
|
|
|
| How i Unlocked the blocked accounts? |
|
|
|
| Playing with JSON Web Tokens for Fun and Profit |
|
|
|
writeups.xyz
/
Password Reset