Hidden link to delete account

  • Posted:
  • Proposals: 1
  • Remote
  • #408442
  • Expired
Outgrowth D. has already sent a proposal.
  • 1

Description

Experience Level: Expert
General information for the website: I want to find out hidden link to delete account (Only little research needed)
Description of requirements/features: Hello,
I'm working on Usability testing of a Gay dating website: www.planetromeo.com

You'll need to register as user (free). CLick on 'G-rated' while you login if you do not want to see explicit X-rated content.

There are a couple of issues we are facing:
1: Whenever any user enters this is the address bar:
http://www.planetromeo.com/zZ9awTO0JvNOSWlNwst2gZfamC8yyaxD/?jump=&firstLogin=0&sslRedirect=0&profileNotActive=1

the profile becomes deactive

2: When a user A blocks another user B, if the user A is given the below URL (with User B's id number somewhere in between), User B is removed from User A's blocked list.
(You can block a user by going to his profile, clicking Save User and then select Ignore. User id's are generally in this format: 14237393)

http://www.planetromeo.com/00000000000000000000000000000000/gemeinsam/php/myuser/saveMyUser.php?memo=&smiley=4&linkText=&partnerId=14237393&partnerType=1&status=0

I've already found out the above loopholes, now I just need to know 2 things. Because I'm working on the Usability, I need to know if some user's account can be compromised by any such defective URL's or not. Because the URL's openly display in the address bar (sometimes for a flick of a second), there should be a way out to give a URL to someone clicking which his/her account is deleted, or clicking which the email id of the account holder is changed, or maybe the password reset mail comes to somebody else's account.

I need someone qualified enough JUST FIND OUT:
1: A compromising URL like above which deletes the account of the user upon being clicked.
2: A URL which changes the registered email id of the account holder (this email id might be shown in the address bar, I agree)
3: A URL which sends the password reset mail to some one else's email id.

SO you see aim is to compromise any user's account. Since the site is loosely coded I do not think it should be a big challenge. Also note that since the site is live, you would not be getting access to the code or database.

Thanks
Extra notes:

New Proposal

Create an account now and send a proposal now to get this project.

Sign up

Clarification Board Ask a Question

    There are no clarification messages.