FirstBlood-#239 — Attacker can register a user name that has already been registered
This issue was discovered on FirstBlood v1
On 2021-05-14, xnl-h4ck3r Level 4 reported:
Summary
You can register the same user more than once and get a new password, potentially taking over an existing account.
Steps to Reproduce
- Go to /register.php and register a user, e.g. xnl:

- An attacker can then go to the site and go to /register.php and use the same user name, and be assigned a new password. Register the name xnl with an invite code:

Impact
If a doctor has an existing account, an attacker can register an account with the same username and get a new password to log into that account.
P2 High
Endpoint: /register.php
Parameter: n/a
Payload: n/a
FirstBlood ID: 17
Vulnerability Type: Auth issues
Unintended: An account with the same username can be created which leads to the original account being deleted and replaced with the attacker's
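
The fix for this class of bug, as an added example that is not part of the original report and is not FirstBlood's code. Python and SQLite stand in for the application stack, and the table layout and function names are assumptions: `register_replacing` models the behaviour described above, while `register_checked` relies on a UNIQUE constraint so that a repeated name is rejected and the existing credential stays untouched.

```python
import secrets
import sqlite3


def make_db():
    """In-memory user table (assumed schema, for illustration only)."""
    db = sqlite3.connect(":memory:")
    # UNIQUE + NOCASE: the database itself refuses a second "xnl" or "XNL",
    # so the rule holds even if an application-level check is skipped or raced.
    db.execute(
        "CREATE TABLE users ("
        " username TEXT NOT NULL UNIQUE COLLATE NOCASE,"
        " password TEXT NOT NULL)"  # demo only: a real app stores a password hash
    )
    return db


def register_replacing(db, username):
    """Assumed model of the reported flaw: an existing row is silently replaced."""
    password = secrets.token_urlsafe(12)
    db.execute(
        "INSERT OR REPLACE INTO users (username, password) VALUES (?, ?)",
        (username, password),
    )
    return password


def register_checked(db, username):
    """Hardened: plain INSERT; a taken name returns None and changes nothing."""
    password = secrets.token_urlsafe(12)
    try:
        with db:  # commit on success, roll back on error
            db.execute(
                "INSERT INTO users (username, password) VALUES (?, ?)",
                (username, password),
            )
    except sqlite3.IntegrityError:
        return None  # caller shows "username unavailable"; no new password issued
    return password


def stored_password(db, username):
    """Return the credential currently stored for a username, or None."""
    row = db.execute(
        "SELECT password FROM users WHERE username = ?", (username,)
    ).fetchone()
    return row[0] if row else None
```
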