5089 | Remote Code Execution in AT&T | RCE, SSTI, Components with known vulnerabilities | AT&T | Corben Leo (@hacker_) | Bug Bounty | 2017-03-10 | 2023-06-13 |
3725 | In Cloud we “Trust”: Wrong Kubernetes implementation by Google Cloud Platform & Microsoft Azure affecting customers | Old components with known vulnerabilities | Microsoft, Google | Chen Cohen (@chencococococo) | Bug Bounty | 2020-01-12 | 2023-06-13 |
2423 | Account Takeovers — Believe the Unbelievable | Account takeover, Session management issue, Weak credentials, Components with known vulnerabilities, Password reset | NA | Nikhil (niks) (@niksthehacker) | Bug Bounty | 2021-07-09 | 2023-06-13 |
2298 | “How Companies Need to Widen There Scopes” | RCE, Components with known vulnerabilities | NA | amnotacat | Bug Bounty | 2021-08-25 | 2023-06-13 |
2051 | Unauthenticated Sensitive Information Disclosure at [REDACTED] | Old components with known vulnerabilities, Information disclosure | NA | Rizaldi Wahaz (@wah_haz) | Bug Bounty | 2021-11-25 | 2023-06-13 |
1851 | How I bypassed PHP functions to read sensitive files on server | Components with known vulnerabilities, RCE | NA | Kailash (@corrupted_brain) | Bug Bounty | 2022-02-04 | 2023-06-13 |
1717 | For the first Bounty, it takes a few challenging months, but only a few days for the second. | Old components with known vulnerabilities | NA | Aneesha D (@interc3pt3r) | Bug Bounty | 2022-03-18 | 2023-06-13 |
1584 | How I got a lousy T-Shirt from the Dutch Government. | Old components with known vulnerabilities | Dutch Government | Mava (@mava656) | Bug Bounty | 2022-05-03 | 2023-06-13 |
1504 | How I found a GoldMine but got No Gold | Old components with known vulnerabilities | NA | Muhammad Abdullah | Bug Bounty | 2022-06-01 | 2023-06-13 |
1498 | Ivanti EPM Remote Code Execution | RCE, Components with known vulnerabilities | NA | Nick Berrie (@machevalia) | Bug Bounty | 2022-06-05 | 2023-06-13 |
1316 | Outdated PHP Version leads to RCE | RCE, Old components with known vulnerabilities | NA | iamdevansharya (@iamdevansharya) | Bug Bounty | 2022-07-25 | 2023-06-13 |
1091 | How I DIDN’T get an RCE in a $200 Billion company — Bug Bounty | RCE, Components with known vulnerabilities | NA | nynan (@_nynan) | Bug Bounty | 2022-09-12 | 2023-06-13 |
1071 | How i Found Unauthorized Bypass RCE | RCE, Old components with known vulnerabilities | NA | Yashshirke | Bug Bounty | 2022-09-18 | 2023-06-13 |
841 | From Shodan Dork to Grafana 📊Local File Inclusion | LFI, Old components with known vulnerabilities | NA | Anurag__Verma | Bug Bounty | 2022-11-11 | 2023-06-13 |
747 | How I found my first RCE! | RCE, Components with known vulnerabilities, WSO2, SSRF | NA | 302Found | Bug Bounty | 2022-12-01 | 2023-06-13 |
679 | How I was able to steal users credentials via Swagger UI DOM-XSS | DOM XSS, Old components with known vulnerabilities | NA | Mohamed Reda (@M0x0101) | Bug Bounty | 2022-12-18 | 2023-06-13 |
667 | RCE on admin panel of web3 website | RCE, Components with known vulnerabilities | NA | T VAMSHI | Bug Bounty | 2022-12-21 | 2023-06-13 |
650 | Authentication Bypass in Nexus manager (version 3.37.3–02) | Components with known vulnerabilities, Authentication bypass, HTTP response manipulation | NA | SHARAN.K | Bug Bounty | 2022-12-26 | 2023-06-13 |
475 | How I got $$$$ Bounty within 5 mins | RCE, Components with known vulnerabilities | NA | Hashir Khan (@P4n7h3Rx) | Bug Bounty | 2023-02-09 | 2023-06-13 |
384 | The Vulnerability That Exposed an UN Website to Remote Code Execution | Components with known vulnerabilities, OGNL injection, RCE | United Nations | Mullangisashank | Bug Bounty | 2023-02-27 | 2023-06-13 |
342 | Remote Stealth Brute-force of Oracle Database Passwords | Bruteforce, Information disclosure, Authentication bypass, Components with known vulnerabilities | NA | Viktor Markopoulos | Bug Bounty | 2023-03-06 | 2023-06-13 |
296 | Emotional Rollercoaster: A Unique Case Study of Bypassing Antivirus and Firewall by Abusing PostgreSQL | RCE, Old components with known vulnerabilities | NA | Yousef Amery (@YousefAmery) | Bug Bounty | 2023-03-15 | 2023-06-13 |
271 | Finding Initial Access on a real life Penetration Test | Old components with known vulnerabilities, Internal pentest, RCE | NA | Warren Butterworth (@w88ugs) | Bug Bounty | 2023-03-23 | 2023-06-13 |
175 | Uncovering a Critical Vulnerability: My Journey of Discovering CVE-2021–31589, a Reflected XSS in LinkedIn | Components with known vulnerabilities, Reflected XSS | LinkedIn | Karthikeyan.V (@karthithehacker) | Bug Bounty | 2023-04-20 | 2023-06-13 |
174 | Turning Vulnerability into Bounty: How CVE-2020–17453 XSS Earned Me a $500 Bounty | Components with known vulnerabilities, XSS | NA | Karthikeyan.V (@karthithehacker) | Bug Bounty | 2023-04-20 | 2023-06-13 |