Logical vulnerabilities:-

1. Register function enabled to admin dashboard or unauthorized

access to admin dashboard:-
Unauthorized access to the admin dashboard is a significant security
vulnerability that can have serious consequences for the confidentiality,
integrity, and availability of a web application's data and functionality. This
vulnerability occurs when an attacker gains access to administrative features or
privileged areas of the application without proper authorization.
Enabling a registration function within an admin dashboard allows
administrators to create new user accounts directly from the administrative
interface. This type of access can have severe consequences, as it often grants
the intruder significant control over the system's functionality, data, and
potentially even the entire infrastructure.

 Impact:-
 Data Breach: Unauthorized access to the admin dashboard may lead to a
data breach if sensitive information such as user credentials, personal
data, financial records, or proprietary information is exposed or
compromised.
 Data Manipulation or Deletion: Attackers with access to the admin
dashboard may be able to manipulate or delete critical data stored in the
application, leading to data loss, corruption, or unauthorized
modifications.
 Unauthorized Functionality: Access to the admin dashboard may grant
attackers the ability to perform unauthorized actions or execute privileged
functionalities within the application, such as creating, modifying, or
deleting user accounts, content, or configurations.

 Steps to reproduce:-
 Implement the monitoring tools that track access to the admin panel in
real-time.
 Check security logs for any unusual or suspicious activities, such as
multiple failed login attempts, unusual IP addresses accessing the
admin panel, or unauthorized changes made by users with
administrative privileges.
 Regularly audit access controls and permissions related to the admin
panel. Ensure that only authorized users have access and that their
permissions are appropriately configured.
 Conduct penetration testing to simulate potential attack scenarios.

Example:
 https://hackerone.com/reports/1394910

2. Weak login credential

The vulnerability of weak login credentials poses a significant security risk to
web applications and systems. Weak login credentials, such as easily guessable
passwords or default usernames and passwords, make it easier for attackers to
gain unauthorized access to accounts, leading to various security threats and
potential consequences.

 Impact:-
 Unauthorized Access: Weak login credentials make it easier for
attackers to gain unauthorized access to user accounts, administrative
interfaces, or sensitive systems within the organization.
 Attackers may exploit unauthorized access to steal intellectual property,
trade secrets, or proprietary information from the organization's systems,
compromising its competitive advantage, innovation, and market
position.
 Security incidents resulting from weak login credentials can disrupt the
organization's day-to-day operations, leading to downtime, service
interruptions, loss of productivity, and delays in delivering products or
services to customers.

 Steps to reproduce
 Check the login credential with some default password or credentials in
the login pages.
 Verify the login pages with the guessable passwords and usernames.
 Try to access admin credential by using default admin credentials. Ex:
username: admin and password : admin
 Like the above try some guessable and default passwords and credentials.
 If it works then try to get access to the system.

 Examples:-
 https://hackerone.com/reports/237544

3. No verification while registering.

The vulnerability of not verifying user input during the registration process
poses a significant security risk to web applications. This vulnerability allows
attackers to exploit the registration functionality to create accounts with
malicious intent or to bypass security controls.
 Impact:
 Attackers may leverage unauthorized accounts to perform account
takeover attacks, where they hijack legitimate user accounts by changing
passwords, modifying account settings, or accessing privileged
functionalities.
 The creation of large numbers of unauthorized accounts can consume
excessive resources, such as storage space, database connections, or
server resources, leading to performance degradation or denial of service
(DoS) conditions.
 Create unauthorized accounts with fake or malicious credentials. These
accounts can be used for spamming, phishing, social engineering, or
launching further attacks on the application or its users.
 Steps to reproduce:
 Access Registration Form: Navigate to the registration page of the
application or system where email verification is not implemented.
 Provide Fake Email Address: Enter a fake or disposable email address
into the registration form. This could be any string of characters followed
by "@example.com" or a similar disposable domain.
 Complete Registration: Fill out any other required fields in the
registration form and submit it to create a new user account without
verifying the provided email address.
 Access Account: Log in to the newly created user account without
having to verify the email address.
 Examples:
 https://hackerone.com/reports/90643
 https://hackerone.com/reports/147182

4. No rate of limiting mechanism on signup

The vulnerability of not having a rate-limiting mechanism on the signup process poses a
significant security risk to web applications. This vulnerability allows attackers to abuse the
signup functionality by creating a large number of accounts in a short period, leading to
various security and operational issues.

 Impact:
 Without rate limiting, attackers can automate the creation of multiple
accounts rapidly, potentially overwhelming the system with fake or
malicious accounts.
 The system may experience resource exhaustion due to excessive user
registration requests, leading to performance degradation or denial of
service for legitimate users.
 Attackers can exploit the lack of rate limiting to create accounts for
spamming, phishing, or other abusive activities within the system,
compromising the user experience and system integrity.
 Uncontrolled user sign-ups can result in unnecessary database bloat,
consuming storage resources and impacting system performance.

 Steps to Reproduce:
 Access Registration Form: Navigate to the registration page of the
application or system where rate-limiting is not implemented.
 Automate Registration Requests: Use automated tools or scripts to
send a large number of registration requests to the system within a
short period. These tools can simulate multiple users signing up
simultaneously.
 Observe Lack of Rate Limiting: Notice that the system accepts all
registration requests without imposing any restrictions or delays,
allowing for the rapid creation of multiple accounts.
 Verify Successful Account Creation: Verify that the accounts are
successfully created without any rate-limiting mechanisms in place,
potentially resulting in an excessive number of accounts being
registered within a short timeframe.
 Examples:-
 https://hackerone.com/reports/905692
 https://hackerone.com/reports/922470

5. No rate of limiting mechanism on password reset page

The vulnerability of not having a rate-limiting mechanism on the password reset
page poses a significant security risk to web applications. This vulnerability
allows attackers to abuse the password reset functionality by attempting a large
number of password reset requests in a short period, leading to various security
and operational issues.

 Impact:
 Security incidents resulting from the lack of rate limiting on the
password reset page can damage the reputation and trustworthiness of
the organization among customers, partners, investors, and
stakeholders. Loss of trust can lead to customer churn, loss of business
opportunities, and long-term damage to the organization's brand.
 Organizations may be subject to regulatory penalties, sanctions, or
legal consequences if security breaches resulting from the lack of rate
limiting on the password reset page violate data protection regulations,
industry standards, or contractual obligations.
 Successful password resets through brute-force attacks or password
guessing can lead to unauthorized access to user accounts, allowing
attackers to view sensitive information, manipulate account settings,
or perform malicious activities.

 Steps to Reproduce:
 Access Password Reset Page: Navigate to the password reset page of
the application or system where rate-limiting is not implemented.
 Use automated tools or scripts to send a large number of password
reset requests to the system within a short period. These tools can
simulate multiple users attempting to reset their passwords
simultaneously.
 Notice that the system accepts all password reset requests without
imposing any restrictions or delays, allowing for the rapid processing
of multiple requests.
 Verify that the password resets are successful without any rate-
limiting mechanisms in place, potentially resulting in unauthorized
access to user accounts.

 Examples:
 https://hackerone.com/reports/751604
 https://hackerone.com/reports/1166066

6. No automatic logout on password change

The vulnerability of not automatically logging out users after a password
change poses a significant security risk to web applications. This vulnerability
allows attackers to potentially maintain access to user accounts even after the
account owner has changed their password, leading to various security and
operational issues.

 Impact:
 Security incidents resulting from the lack of automatic logout after a
password change can damage the reputation and trustworthiness of the
organization among customers, partners, investors, and stakeholders.
Loss of trust can lead to customer churn, loss of business
opportunities, and long-term damage to the organization's brand.
 Allowing users to remain logged in after changing their passwords
may expose sensitive data or confidential information to unauthorized
access if the session is not invalidated promptly. This can result in
data breaches, loss of intellectual property, or violations of privacy
laws and regulations.

 Steps to Reproduce:
 Log in to User Account: Log in to the target user account using valid
credentials.
 Change Password: While the session is still active, initiate a password
change process from the account settings or password management
page.
 Observe Lack of Automatic Logout: After successfully changing the
password, observe that the session remains active, allowing continued
access to the account without requiring reauthentication.
 Verify Unauthorized Access: Attempt to perform actions within the
account that would typically require reauthentication, such as
accessing sensitive information or changing account settings. Confirm
that these actions can be performed without providing the new
password.

 Examples:
 https://hackerone.com/reports/514577
 https://hackerone.com/reports/194329

7. No verification on changing Mail

The vulnerability of not requiring verification when changing an email
address poses a significant security risk to web applications. This
vulnerability allows attackers to potentially hijack user accounts by
changing the associated email address without proper verification,
leading to various security and operational issues.

 Impact:
 Attackers can exploit the vulnerability to hijack user accounts by
changing the associated email address without proper verification.
This can lead to unauthorized access to sensitive information,
financial transactions, or account settings, putting user data at risk.
 Attackers may exploit the vulnerability to gain unauthorized access to
user accounts by changing the associated email address to one under
their control. This can lead to unauthorized actions being taken on the
account, such as accessing sensitive data, making unauthorized
transactions, or changing account settings.
 Unauthorized changes to email addresses can potentially lead to data
breaches if attackers gain access to accounts and change the associated
email addresses to their own. This can result in unauthorized access to
personal data, financial records, or proprietary information stored
within the application.

 Steps to Reproduce:
 Log in to the target user account using valid credentials and navigate
to the account settings or profile page where email address changes
can be made.
 Start the process of changing the email address associated with the
account by entering a new email address.
 Notice that the system allows the email address to be changed without
requiring any verification, such as confirming the change via a
confirmation link sent to the new email address or entering a
verification code.
 Confirm that the email address associated with the account has been
successfully changed without any verification, potentially granting
unauthorized access to the account.

 Examples:-
 https://hackerone.com/reports/292673
 https://hackerone.com/reports/29331

8. DoS attack in name field

The vulnerability of allowing a Denial of Service (DoS) attack through the
name field in a web application poses a significant security risk. Attackers
exploit this vulnerability by submitting specially crafted input in the name field,
which can overwhelm the application's resources, leading to service disruption
or downtime.

 Impact:
 A successful DoS attack can render the web application inaccessible
or unusable for legitimate users, leading to downtime and loss of
service availability. This can disrupt business operations, impede
productivity, and result in financial losses.
 Downtime caused by a DoS attack can result in lost sales
opportunities, decreased transaction volumes, and reduced revenue
generation for e-commerce or online businesses. This can have a
direct impact on the organization's bottom line and financial
performance.
 Publicized incidents of DoS attacks can undermine the organization's
competitive advantage and market position, particularly if competitors
capitalize on the opportunity to highlight their superior security
measures and reliability.
 Mitigating and recovering from a DoS attack can incur significant
operational costs, including expenses related to incident response,
forensic analysis, infrastructure upgrades, and implementing
additional security measures to prevent future attacks.

 Steps to Reproduce:
 Navigate to the web form or application that contains a name field
susceptible to a DoS attack.
 Enter an excessively long or malformed input in the name field, such
as a large string of characters, special characters, or repeating patterns,
that is designed to overwhelm the system.
 Submit the form with the malicious input in the name field.
 Notice that the system becomes unresponsive, slow, or crashes as a
result of processing the malicious input in the name field.
 Confirm that the application or system is no longer accessible or
responsive to legitimate users, indicating a denial-of-service condition
caused by the attack.

 Examples:
 https://hackerone.com/reports/768677
 https://hackerone.com/reports/1168804