| Account Take Over without user Interaction |
|
|
|
| How I earned $800 for Host Header Injection Vulnerability |
|
|
|
| User's email disclosure via invalid password reset link [$250] |
|
|
|
| Tale of Account Takeovers (Part-1) |
|
|
|
| Password Reset Token Leak Via Referrer |
|
|
|
| How I discovered an interesting account takeover flaw? |
|
|
|
| Account Takeover Through Password Reset Poisoning |
|
|
|
| Pwn Them All #BugBounty |
|
|
|
| Readme.com Account Takeover |
|
|
|
| How I Hacked Instagram Again |
|
|
|
| How I was able to earn 1000$ with just 10 minutes of bug bounty? |
|
|
|
| Full Account Takeover via Changing Email And Password of any User through API Parameters |
|
|
|
| How I found the most critical bug in live bug bounty event? |
|
|
|
| Account Takeover Vulnerability :) |
|
|
|
| Password Reset Vulnerability — Full Account takeover (Insecure Direct Object Reference) |
|
|
|
| User Account Takeover [Password Change]— Nice Catch! |
|
|
|
| Tale of a Misconfiguration in Password Reset |
|
|
|
| Tokopedia Account Takeover Bug Worth 8 Million IDR |
|
|
|
| Complete User Account Takeover on an Android Application |
|
|
|
| My First Critical Report |
|
|
|
| From data leak to account takeover |
|
|
|
| #BugBounty - Compromising User Account- "How I was able to compromise user account via HTTP Parameter Pollution(HPP)" |
|
|
|
| Account Take over via reset password |
|
|
|
| [Responsible disclosure] How I could have booked movie tickets through other user accounts |
|
|
|
| Full account Takeover via reset password function |
|
|
|
writeups.xyz
/
Password Reset