Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
5086Penetrating PornHub – XSS vulns galore (plus a cool shirt!) XSS PornHub Jon Bottarini (@jon_bottarini) Bug Bounty2017-03-162023-06-13
5081Inspect Element leads to Stripe Account Lockout Authentication Bypass Authentication bypass Stripe Jon Bottarini (@jon_bottarini) Bug Bounty2017-04-032023-06-13
4904Abusing internal API to achieve IDOR in New Relic IDOR New Relic Jon Bottarini (@jon_bottarini) Bug Bounty2018-01-022023-06-13
4834GraphQL abuse: Bypass account level permissions through parameter smuggling GraphQL Privilege escalation New Relic Jon Bottarini (@jon_bottarini) Bug Bounty2018-03-142023-06-13
4539Get as image function pulls any Insights/NRQL data from any New Relic account (IDOR) IDOR New Relic Jon Bottarini (@jon_bottarini) Bug Bounty2018-10-092023-06-13
4095Using Burp Suite match and replace settings to escalate your user privileges and find hidden features Client-side enforcement of server-side security New Relic Jon Bottarini (@jon_bottarini) Bug Bounty2019-06-172023-06-13
4094Reflected XSS in Tokopedia Train Ticket Reflected XSS New Relic Jon Bottarini (@jon_bottarini) Bug Bounty2019-06-172023-06-13
2007Don’t Reply: A Clever Phishing Method In Apple’s Mail App Phishing Apple Jon Bottarini (@jon_bottarini) Bug Bounty2021-12-092023-06-13