Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
1228XSS via Angular Template Injection CSTI XSS WAF bypass NA Bartłomiej Bergier (@_bergee_) Bug Bounty2022-08-132023-06-13
1225URL filter bypass, RFI and XSS Stored XSS RFI NA Bartłomiej Bergier (@_bergee_) Bug Bounty2022-08-142023-06-13
1224The forgotten API and XSS filter bypass XSS NA Bartłomiej Bergier (@_bergee_) Bug Bounty2022-08-142023-06-13
1223Five-minute hunting for hidden XSS Reflected XSS NA Bartłomiej Bergier (@_bergee_) Bug Bounty2022-08-152023-06-13
1195Blind command injection RCE OS command injection NA Bartłomiej Bergier (@_bergee_) Bug Bounty2022-08-212023-06-13
1124Turning cookie based XSS into account takeover XSS Account takeover Terrahost Bartłomiej Bergier (@_bergee_) Bug Bounty2022-09-062023-06-13
1032Blind account takeover Account takeover NA Bartłomiej Bergier (@_bergee_) Bug Bounty2022-09-252023-06-13
908Chaining multiple vulnerabilities for credential stealing CSRF Self-XSS XSS NA Bartłomiej Bergier (@_bergee_) Bug Bounty2022-10-252023-06-13
648How I found multiple critical bugs in Red Bull Authentication bypass HTTP response manipulation Path traversal LFI XSS SQL injection RCE Unrestricted file upload RFI Security code review Red Bull Bartłomiej Bergier (@_bergee_) Bug Bounty2022-12-262023-06-13
375Broken links hijacking and CDN takeover Broken link hijacking Subdomain takeover NA Bartłomiej Bergier (@_bergee_) Bug Bounty2023-02-282023-06-13