I found a logic flaw that grants me free add-ons with the product, and confirmed there is no price check on the checkout!
They closed my report as N/A just because "most of the times purchases go through a manual review process".
That's unfair my role is to test WEB APPLICATIONS!
@qabrieladah Well in my case the product is way too expensive and could be more than the bounty itself, also I wouldnโt benefit from it since it cannot be delivered to my region!
I got rewarded for a Business logic flaw + an IDOR triaged.
here's a quick overview:
IDOR : The application applies discounts for certain items only, by modifying the item ID directly in the request, I was able to bypass the restriction and benefit discounts on other items.
โฌ๏ธ
@DrlNoblemannnn No, there's a discount specific for certain items applied automatically, when selecting those items it makes a request different than for other items, and I saw that it contains the item ID in the request, so I used an ID of another item and got a discount on it.
@gdlinux Thanks!
I usually donโt test email infrastructure directly, I focus on how applications handle email in authentication flows like insecure otp or password reset flows, race conditions and account linking flaws.
Logic Flaw : When topping up the account credit, the application provides standard options (e.g., 100, 200, ...) and it applies taxes to them, and by altering the credit value in the request to a random amount (e.g., 250) it failed to apply any taxes, allowing tax-free top-ups.
@r00ted_psycho @Bugcrowd focus on one type of vulnerabilities, give your targets more time, try to map out all the application and analyze it thoroughly, and don't stress about it you'll make it.
Yay, I scored a reward on @Bugcrowd for an IDOR.
Quick overview:
While testing a shopping site I noticed a special offer that was intended for only one item, and by using another itemโs ID in the request I got a juicy discount on it.