| 4896 | #BugBounty — How I was able to delete anyone’s account in an Online Car Rental Company |
CSRF
Parameter tampering |
NA |
Avinash Jain (@logicbomb_1) |
Bug Bounty | 2018-01-14 | 2023-06-13 |
| 4861 | #BugBounty — “How I was able to shop for free!”- Payment Price Manipulation |
Parameter tampering
Payment tampering |
NA |
Avinash Jain (@logicbomb_1) |
Bug Bounty | 2018-02-11 | 2023-06-13 |
| 4825 | Creating Test Conversion using any App |
Parameter tampering |
Meta / Facebook |
Joshua Regio |
Bug Bounty | 2018-03-27 | 2023-06-13 |
| 4773 | How I Got Paid $0 From the India’s largest online gifting portal — Bug Bounty Program |
Payment tampering
Parameter tampering |
NA |
Hariom Vashisth |
Bug Bounty | 2018-05-05 | 2023-06-13 |
| 4745 | #Bug Bounty — How I booked a rental house for just 1.00 INR — Price Manipulation in Citrus Pay |
Parameter tampering |
NA |
Raghavendra Reddy |
Bug Bounty | 2018-05-31 | 2023-06-13 |
| 4423 | How I could have stolen your photos from Google |
Parameter tampering
Authorization flaw
IDOR |
Google |
Gergő Turcsányi (@GergoTurcsanyi) |
Bug Bounty | 2018-12-11 | 2023-06-13 |
| 4068 | One more Parameter manipulation bug (🤑) |
Parameter tampering |
NA |
Kanchan Singh Yadav (@KanchanSingh0) |
Bug Bounty | 2019-06-28 | 2023-06-13 |
| 4024 | Shopping Products For Free- Parameter Tampering Vulnerability |
Parameter tampering
Payment tampering |
NA |
D1vy4n5hu 5hukl4 (@justm0rph3u5) |
Bug Bounty | 2019-07-21 | 2023-06-13 |
| 4018 | XX to XXX in one day |
Account takeover
Parameter tampering |
WePay |
Baibhav Anand (@SpongeBhav) |
Bug Bounty | 2019-07-23 | 2023-06-13 |
| 4015 | Price Parameter Tampering On Bukalapak |
Parameter tampering
Payment tampering |
Bukalapak |
apapedulimu / Nosa Shandy (@LocalHost31337) |
Bug Bounty | 2019-07-24 | 2023-06-13 |
| 3897 | Spear texting via parameter injection |
Parameter tampering |
NA |
Kyle (@B3nac) |
Bug Bounty | 2019-09-29 | 2023-06-13 |
| 3705 | Improper Input Validation | Add Custom Text and URLs In SMS send by Snapchat | Bug Bounty POC |
Parameter tampering |
Meta / Facebook |
Muhammad Khizer Javed (@khizer_javed47) |
Bug Bounty | 2020-01-26 | 2023-06-13 |
| 3134 | Parameter Tampering ₹→$ |
Parameter tampering |
NA |
SuneetSingh |
Bug Bounty | 2020-09-26 | 2023-06-13 |
| 187 | Break the Logic: Playing with product ratings on a shopping site(600$) |
Logic flaw
Parameter tampering |
NA |
Fırat |
Bug Bounty | 2023-04-18 | 2023-06-13 |
