Got a critical Hole on freelancer.com and Fiverr.com - Printable Version +- 0Day Forums (https://zeroday.vip) +-- Forum: Hacking & Exploits (https://zeroday.vip/Forum-Hacking-Exploits) +--- Forum: Website Hacking (https://zeroday.vip/Forum-Website-Hacking) +--- Thread: Got a critical Hole on freelancer.com and Fiverr.com (/Thread-Got-a-critical-Hole-on-freelancer-com-and-Fiverr-com) Pages:
1
2
|
Got a critical Hole on freelancer.com and Fiverr.com - heirship820686 - 01-15-2020 Hello i got a critical security hole on freelancer.com and fiverr.com, Is there any one who is willing to be part on exploitation kindly comment down. RE: Got a critical Hole on freelancer.com and Fiverr.com - lorenzoloresz858 - 02-11-2020 Sorry, to confirm what you're asking. Are you looking for an account to exploit in order to demonstrate the vulnerability to collect a bug bounty ETC? RE: Got a critical Hole on freelancer.com and Fiverr.com - shirleydbc - 02-12-2020 Quote:Hello i got a critical security hole on freelancer.com and fiverr.com Do you have unrestricted/elevated back-end access? RE: Got a critical Hole on freelancer.com and Fiverr.com - neigh315 - 04-28-2020 Quote:(02-12-2020, 05:42 AM)mothered Wrote:Hello i able to done Url tempering attack.in order to deposit virtual/fake $ RE: Got a critical Hole on freelancer.com and Fiverr.com - permittedly182815 - 04-29-2020 Quote:(04-29-2020, 02:20 AM)zorayo Wrote: Are you referring to web parameter tampering, by manipulating/exploiting the application data? RE: Got a critical Hole on freelancer.com and Fiverr.com - mucking851277 - 05-01-2020 Quote:(04-29-2020, 08:43 AM)mothered Wrote:Able to edit the actual amount of deposit.by editing http request in order by doing Url tempering... The hole is working on Upwork.com too Quote: (05-01-2020, 06:03 AM)zorayo Wrote:I just link my paypal account and just done deposit of $1 and while redirecting(bouncing back to the checkout page) i edit the request and make it like $1000,$2000,$3000.... The fund works to pay for any client over the freelancer platform.. RE: Got a critical Hole on freelancer.com and Fiverr.com - eurus406 - 06-25-2020 Where's the money coming out of? Does it come out of the paypal account you link, or does it just create the funds from thin air? Also have you cashed it out yet? How do you know that the $500 isn't just a front end display and the server has the actual value stored internally? RE: Got a critical Hole on freelancer.com and Fiverr.com - proequality566787 - 07-03-2020 Quote:(06-25-2020, 06:42 PM)Stratus Wrote:That's a great question i want to find out myself too. I'm interested in hacking these "freelancer" companies. RE: Got a critical Hole on freelancer.com and Fiverr.com - befountained13632 - 09-02-2020 My guess is this is just a visual bug. The system will probably block the cashout. RE: Got a critical Hole on freelancer.com and Fiverr.com - taganmmlgb - 05-19-2021 Sounds interesting. Have they fixed it? I don't think that such services have strong security systems. Any vulnerability can remain unfixed for months, if not years. Recently I tried to find something on [To see links please register here] , but they seem fine. Also, I would not expect decent bug bounty compensation from freelance services. They don't have a lot of valuable data. Compared to messengers, they have nothing at all. Maybe get some personal data of freelancers, but what's the point? Perhaps really, it was just a visual bug. |