pichik has reached Level 4 with 75+ unique vulnerabilities discovered and they have proven to us that they understand web application vulnerabilities and how to discover them. If you run a bug bounty/vulnerability disclosure program and you are looking for an active, professional researcher, we recommend considering this user
Report Title | Event ID | Severity | Vulnerability Type |
---|---|---|---|
Editing other users appointments with IDOR | FirstBlood v1 | High | Insecure direct object reference |
IDOR in aptid which grants access to every appointment | FirstBlood v1 | High | Insecure direct object reference |
Info leak on reddit leads to create acc with admin privileges | FirstBlood v1 | High | Authorisation Issue |
Reflected XSS on register page | FirstBlood v1 | Medium | Reflective XSS |