Update Hunting_for_bugs_in_signup_feature.md

Author: V35HR4J

Sign_Up_Functionality/Hunting_for_bugs_in_signup_feature.md

@@ -100,7 +100,7 @@ Insufficient Email Verification means the application doesn’t verify the email
 >  [https://hackerone.com/reports/617896](https://hackerone.com/reports/617896)  
 >  [https://hackerone.com/reports/737169](https://hackerone.com/reports/737169)
 
-#### 5\. Path Overwrite
+#### 6\. Path Overwrite
 
 If an application allows users to check their profile with direct path /{username} always try to signup with system reserved file names, such as index.php, signup.php, login.php, etc. In some cases what happens here is, when you signup with username: `index.php`, now upon visiting target.tld/index.php, your profile will comeup and occupy the index.php page of an application. Similarly, if an attacker is able to signup with username `login.php`, Imagine login page getting takeovered.