Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
3937Write up of two HTTP Requests Smuggling HTTP request smuggling NA C1h2e1 (@C1h2e11) Bug Bounty2019-09-072023-06-13
3924HTTP Request Smuggling CL.TE HTTP request smuggling NA memN0ps (@memN0ps) Bug Bounty2019-09-132023-06-13
3809How Did Tons of People Like Me on Tinder? HTTP request smuggling NA Mustafa iran (@Mustafaran) Bug Bounty2019-11-252023-06-13
3799HTTP Request Smuggling + IDOR HTTP request smuggling IDOR NA hipotermia (@_hipotermia_) Bug Bounty2019-12-052023-06-13
3738Account takeover via HTTP Request Smuggling HTTP request smuggling Account takeover Open redirect Internal header disclosure NA hipotermia (@_hipotermia_) Bug Bounty2020-01-032023-06-13
3701Escalating reflected XSS with HTTP Smuggling Reflected XSS HTTP request smuggling NA Hazana (@HazanaSec) Bug Bounty2020-01-272023-06-13
3123The Powerful HTTP Request Smuggling 💪 HTTP Request Smuggling NA Ricardo Iramar dos Santos (@ricardo_iramar) Bug Bounty2020-10-012023-06-13
3084IBM Datapower Exploit CVE-2020-5014 SSRF HTTP Request Smuggling IBM Thomas Cope Bug Bounty2020-10-212023-06-13
3034Smuggling an (Un)exploitable XSS HTTP Request Smuggling XSS NA Julien Ahrens (@MrTuxracer) Bug Bounty2020-11-132023-06-13
2868Get paid by smuggling, the legal way HTTP Request Smuggling NA James Ling (@James_puppykok) Bug Bounty2021-01-252023-06-13
2729Exploiting HTTP Request Smuggling (TE.CL)— XSS to website takeover HTTP request smuggling XSS NA Kleiton Kurti (@kleiton0x7e) Bug Bounty2021-03-092023-06-13
2705H2C Smuggling in the Wild HTTP request smuggling NA Sean Yeoh (@seanyeoh) Bug Bounty2021-03-182023-06-13
2626Harvesting Active Directory credentials via HTTP Request Smuggling HTTP request smuggling NA Tijme Gommers (@tijme) Bug Bounty2021-04-192023-06-13
2276I owe your Request | HTTP Request Smuggling leads to Full Accounts takeover HTTP Request Smuggling NA Muhammad Adel (@ItsFadinG_) Bug Bounty2021-08-302023-06-13
2092Practical HTTP Header Smuggling: Sneaking Past Reverse Proxies to Attack AWS and Beyond HTTP Header Smuggling HTTP Request Smuggling NA Daniel Thatcher (@_danielthatcher) Bug Bounty2021-11-102023-06-13
2076T-Reqs: HTTP Request Smuggling with Differential Fuzzing HTTP Request Smuggling NA Bahruz Jabiyev (@BahruzJabiyev) Bug Bounty2021-11-152023-06-13
1833ICMAD SAP Vulnerabilities (CVE-2022-22536, CVE-2022-22532 & CVE-2022-22533) HTTP request smuggling Memory leak DoS Memory corruption SAP SAP Product Security Response team Bug Bounty2022-02-082023-06-13
1775HDiff: A Semi-automatic Framework for Discovering Semantic Gap Attack in HTTP Implementations HTTP request smuggling DoS Semantic gap attacks NA Kaiwen Shen (@m0xiaoxi) Bug Bounty2022-03-012023-06-13
1657HTTP Request Smuggling on business.apple.com and Others. HTTP request smuggling Apple Stealthy (@stealthybugs) Bug Bounty2022-04-052023-06-13
1254Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling HTTP Request Smuggling Desync attack AWS Amazon Akamai Cisco Verisign Pulse Secure Varnish James Kettle (@albinowax) Bug Bounty2022-08-102023-06-13
1253Advanced Inter-Process Desynchronization in SAP’s HTTP Server Memory corruption RCE HTTP Request Smuggling Web cache poisoning Desync attack SAP Martin Doyhenard (@tincho_508) Bug Bounty2022-08-102023-06-13
1244FRAMESHIFTER: Security Implications of HTTP/2-to-HTTP/1 Conversion Anomalies HTTP Request Smuggling DoS NA Bahruz Jabiyev (@BahruzJabiyev) Bug Bounty2022-08-112023-06-13
1121How to turn security research into profit: a CL.0 case study HTTP request smuggling Desync attack NA James Kettle (@albinowax) Bug Bounty2022-09-082023-06-13
1078HTTP Desync Attack (Request Smuggling) - Mass Account Takeover at a Cryptocurrency based asset and 121 other websites HTTP Request Smuggling Desync attack NA Ankit Singh (@AnkitCuriosity) Bug Bounty2022-09-142023-06-13
1072How an Akamai misconfiguration earned us USD 46.000 HTTP request smuggling Akamai Microsoft Apple Francesco Mariani (@_medusa_1_) Bug Bounty2022-09-172023-06-13