mr_xhunt


Rank #2 Level 7



159 unique bugs discovered
320 hours, 31 minutes and 24 seconds active hacking time

174 reports accepted
99 Accuracy

Vulnerability Types Found

Bug Submissions & total bug count


Hackevent (FirstBlood) Activity

Report Title | Event ID | Severity | Vulnerability Type
Change doctor passwords via admin API that is accessible by any doctor | FirstBlood v3 | CRITICAL | Auth issues
Stored XSS in the Doctor Name on /doctors.php as well as /about.php | FirstBlood v3 | CRITICAL | Auth issues
CSRF leading to Modify the doctors data | FirstBlood v3 | Low | Cross Site Request Forgery
Reflected XSS on https://a939f6568e92-mrxhunt.a.firstbloodhackers.com/doctors.php | FirstBlood v3 | Medium | Reflective XSS
Open Redirect on /logout.php endpoint | FirstBlood v3 | Low | Open Redirect
Stored XSS in Mobile no. of Hackerback Joinee | FirstBlood v3 | CRITICAL | Stored XSS
Reflected XSS on /book-appointment.html endpoint in the `redirect_url` parameter | FirstBlood v3 | Medium | Reflective XSS
Reflected XSS on /drpanel/edit-doctor.php endpoint in the `id` parameter | FirstBlood v3 | Medium | Reflective XSS
Enable Ambulance Service for the Appointment leading to Stored XSS | FirstBlood v3 | High | Stored XSS
Can change the data of the cancelled Appointments | FirstBlood v3 | Low | Application/Business Logic
Get Request to `/api/doctors.php` leaks the PII of the Doctors | FirstBlood v3 | High | Information leak/disclosure
[Collab] Tagline XSS on /meet_drs.php | FirstBlood v3 | High | Stored XSS
Blind XSS on Internal Administrator dashboard | FirstBlood v3 | CRITICAL | Stored XSS
Blind XSS on Internal Dashboard of Administrator (Manage Appointments) | FirstBlood v3 | CRITICAL | Stored XSS
Unauthenticated Modification of the Doctors Data via New API Call | FirstBlood v3 | High | Access control
Unauthenticated Access to API Call leads to Stored XSS in the Drivers Name | FirstBlood v3 | High | Stored XSS
Delete Ambulance Provided to any Appointment | FirstBlood v3 | High | Access control
Leak all the Appointment Id with ambulance enabled | FirstBlood v3 | High | Information leak/disclosure