Write-ups
Check The Published Writeups
| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3456 | Chaining an IDOR with a business-logic error to achieve critical impact | IDOR Logic flaw | NA | Julien Cretel (@jub0bs) | Bug Bounty | 2020-05-26 | 2023-06-13 |
| 3370 | Leveraging an SSRF to leak a secret API key | SSRF | NA | Julien Cretel (@jub0bs) | Bug Bounty | 2020-06-22 | 2023-06-13 |
| 2149 | Abusing Slack’s file-sharing functionality to de-anonymise fellow workspace members | XSLeaks | Slack | Julien Cretel (@jub0bs) | Bug Bounty | 2021-10-12 | 2023-06-13 |
| 1839 | CVE-2022-21703: cross-origin request forgery against Grafana | CSRF SSRF | Grafana Labs | Julien Cretel (@jub0bs) | Bug Bounty | 2022-02-08 | 2023-06-13 |
| 122 | A smorgasbord of a bug chain: postMessage, JSONP, WAF bypass, DOM-based XSS, CORS, CSRF… | postMessage JSONP DOM XSS CORS misconfiguration CSRF WAF bypass | NA | Julien Cretel (@jub0bs) | Bug Bounty | 2023-05-05 | 2023-06-13 |