Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 5023 | How i was able to bypass strong xss protection in well known website. (imgur.com) | XSS | Imgur | Armaan Pathan (@armaancrockroax) | Bug Bounty | 2017-07-21 | 2023-06-13 |
| 5007 | Insecure Direct Object Reference In Facebook Events | IDOR | Meta / Facebook | Armaan Pathan (@armaancrockroax) | Bug Bounty | 2017-08-11 | 2023-06-13 |
| 5006 | Chain the vulnerabilities and take your report impact on the moon (CSRF to HTML INJECTION which results OPEN REDIRECT and could steal USER CREDENTIALS) | CSRF, HTML injection | Legal Robot | Armaan Pathan (@armaancrockroax) | Bug Bounty | 2017-08-12 | 2023-06-13 |
| 4990 | Don’t just alert(1) , Because XSS is for fun…!! | XSS | Optimizely | Armaan Pathan (@armaancrockroax) | Bug Bounty | 2017-09-02 | 2023-06-13 |
| 4985 | Bypassing Facebook Profile Picture Guard Security. | Authorization flaw | Meta / Facebook | Armaan Pathan (@armaancrockroax) | Bug Bounty | 2017-09-09 | 2023-06-13 |
| 4981 | Chaining Self XSS with UI Redressing is Leading to Session Hijacking (PWN users like a boss) | Self-XSS, Clickjacking | NA | Armaan Pathan (@armaancrockroax) | Bug Bounty | 2017-09-18 | 2023-06-13 |
| 4580 | Chain The Bugs to Pwn an Organisation ( LFI + Unrestricted File Upload = Remote Code Execution ) | LFI, Unrestricted file upload, RCE | NA | Armaan Pathan (@armaancrockroax) | Bug Bounty | 2018-09-18 | 2023-06-13 |
| 4388 | Abusing ACL Permissions to Overwrite other User’s Uploaded Files/Videos on s3 Bucket | Unrestricted file upload, Authorization flaw | NA | Armaan Pathan (@armaancrockroax) | Bug Bounty | 2018-12-30 | 2023-06-13 |
| 4257 | Brute Forcing User IDS via CSRF To Delete all Users with CSRF attack. | CSRF, Bruteforce | NA | Armaan Pathan (@armaancrockroax) | Bug Bounty | 2019-03-12 | 2023-06-13 |
| 4217 | Scary Bug in Burp Suite Upstream Proxy Allows Hackers to Hack Hackers | MiTM | PortSwigger | Armaan Pathan (@armaancrockroax) | Bug Bounty | 2019-04-06 | 2023-06-13 |
| 4194 | PDFReacter SSRF to ROOT Level Local File Read which led to RCE | SSRF, RCE | NA | Armaan Pathan (@armaancrockroax) | Bug Bounty | 2019-04-18 | 2023-06-13 |