Rank #179, Level 2

Unique bugs discovered

Reports accepted

Accuracy: 97

Vulnerability Types Found

Bug Submissions & total bug count

Hackevent (FirstBlood) Activity

| Report Title | Event ID | Severity | Vulnerability Type |
|---|---|---|---|
| File enumeration inside /api/checkproof.php?proof=file:///etc/passwd | FirstBlood v2 | Low | Info leak |
| Easily guessed invite code on doctor register | FirstBlood v2 | Medium | Authorisation issue |
| DOM-based XSS via redirection to javascript: URI | FirstBlood v2 | Medium | Reflected XSS |
| Open redirect inside drpanel/logout.php endpoint | FirstBlood v2 | Low | Open redirect |
| Reflected XSS inside ref parameter on /register.php | FirstBlood v2 | Medium | Reflected XSS |
| Stored XSS when cancelling an appointment, triggered in doctor panel | FirstBlood v2 | High | Stored XSS |
| Account takeover by overwriting user's password | FirstBlood v2 | Medium | Authorisation issue |
| Remote command execution via deserialization by uploading a phar file | FirstBlood v2 | Critical | Deserialization |
| Dangerous /drpanel/drapi/editpassword.php endpoint leading to 0-click account takeover | FirstBlood v2 | Critical | Auth issues |
| Possibility to modify the email of any appointment via /api/ma.php endpoint if the attacker knows the appointment ID | FirstBlood v2 | Medium | Application/business logic |