| 4944 | Multiple Intel Vulnerabilities-Adesh Kolte |
Open redirect
Directory listing |
Intel |
Adesh Nandkishor kolte (@AdeshKolte) |
Bug Bounty | 2017-11-05 | 2023-06-13 |
| 4886 | File Disclosure via .DS_Store file (macOS) |
Directory listing |
Meta / Facebook |
Omar Espino (@omespino) |
Bug Bounty | 2018-01-23 | 2023-06-13 |
| 4885 | Asus Cross Site Scrpting And Directory Listing Vulnerability |
Directory listing
XSS |
Asus |
Adesh Nandkishor kolte (@AdeshKolte) |
Bug Bounty | 2018-01-23 | 2023-06-13 |
| 4830 | Hacking Oracle in 5 Minutes |
Directory listing |
Oracle |
Rahul R |
Bug Bounty | 2018-03-25 | 2023-06-13 |
| 4364 | #BugBounty How I Hack Billion $ Company |
Directory listing |
NA |
Sadiq West |
Bug Bounty | 2019-01-15 | 2023-06-13 |
| 4317 | How i was able to dump SqlDB | Simple bug |
Directory listing
SQL injection
Authentication bypass |
NA |
clever idi0t |
Bug Bounty | 2019-02-07 | 2023-06-13 |
| 3867 | How I earned $$$$ by finding confidential customer data including plain-text passwords! |
Directory listing
Information disclosure |
NA |
Sushant Soni (@sushantsoni5392) |
Bug Bounty | 2019-10-24 | 2023-06-13 |
| 3685 | How, I dumped crypto data by chaining directory listing to open S3 Bucket |
AWS misconfiguration
Directory listing
Information disclosure |
NA |
Ddigvijay |
Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3170 | From Android Static Analysis to RCE on Prod |
RCE
Directory listing
Missing authentication |
NA |
Aditya Dixit (@zombie007o) |
Bug Bounty | 2020-09-07 | 2023-06-13 |
| 2245 | Full structure takeover to many brands of company |
Directory listing
Information disclosure |
NA |
Abdelrahman Khaled |
Bug Bounty | 2021-09-06 | 2023-06-13 |
| 2093 | 400$ Bounty again using Google Dorks |
Directory listing
Information disclosure |
NA |
Haris M (@hrsm321) |
Bug Bounty | 2021-11-09 | 2023-06-13 |
| 1803 | How I get my first SWAG from SIDN (Sensitive Data Exposer) |
Directory listing
Information disclosure
403 bypass |
SIDN |
remonsec (@remonsec) |
Bug Bounty | 2022-02-19 | 2023-06-13 |
| 1798 | Access Control Violation - Sensitive Data Exposure |
Directory listing |
NA |
Nick Berrie (@machevalia) |
Bug Bounty | 2022-02-19 | 2023-06-13 |
| 1033 | Tesla paid me $10,000 because of Directory Indexing |
Directory listing |
Tesla |
infiltrateops |
Bug Bounty | 2022-09-25 | 2023-06-13 |
| 878 | How I Get 5x Swag From Sony |
DOM XSS
Directory listing
Default credentials
Information disclosure |
Sony |
Naeem Ahmed Sayed (@0xNaeem) |
Bug Bounty | 2022-11-02 | 2023-06-13 |
| 818 | Information Exposure — My Fourth Finding on Hackerone! |
Directory listing
Information disclosure |
NA |
mehedishakeel (@mehedishakeel) |
Bug Bounty | 2022-11-17 | 2023-06-13 |
| 390 | The Tale of a Command Injection by Changing the Logo |
RCE
OS command injection
Unrestricted file upload
Directory listing
HTTP response manipulation |
NA |
0xrz (@omidxrz) |
Bug Bounty | 2023-02-26 | 2023-06-13 |
| 114 | How a simple Directory Listing leads to PII Data Leakage, Remote Code Execution and many more vulnerabilities on a HR management subdomain |
RCE
Unrestricted file upload
Stored XSS
Information disclosure
Directory listing |
NA |
Aayush Vishnoi (@AayushVishnoi10) |
Bug Bounty | 2023-05-07 | 2023-06-13 |
