Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
5234Google Bug Bounty: Nice Catch on Google Cloud Platform Live Reflected XSS Google Julien Ahrens (@MrTuxracer) Bug Bounty2014-11-202023-06-13
5208Open Redirect in Linkedin and Yahoo Open redirect LinkedIn Yahoo! / Verizon Media Vitor “r0t” Oliveira (@r0t1v) Bug Bounty2015-09-242023-06-13
5163Uber Hacking: How we found out who you are, where you are and where you went Bruteforce Information disclosure Logic flaw IDOR Uber Vitor “r0t” Oliveira (@r0t1v) Bug Bounty2016-06-242023-06-13
5155Remote Code Execution (RCE) on Microsoft%27s %27signout.live.com%27 RCE Microsoft Peter Adkins (@darkarnium) Bug Bounty2016-07-242023-06-13
5091Airbnb – Chaining Third-Party Open Redirect into Server-Side Request Forgery (SSRF) via LivePerson Chat Open redirect SSRF Path traversal Airbnb Brett Buerhaus (@bbuerhaus) Bug Bounty2017-03-092023-06-13
5085Near universal XSS in McAfee Web Gateway XSS McAfee Olivier Arteau Bug Bounty2017-03-172023-06-13
4963Subdomain Takeover Through Expired Cloudfront Distribution | live.lamborghini.co Subdomain takeover Lamborghini Muhammad Khizer Javed (@khizer_javed47) Bug Bounty2017-10-102023-06-13
4805How I hacked companies related to the crypto currency and earned $60,000 Authorization flaw CSRF IDOR Stored XSS HTML injection okex.com livecoin.net Max (@0xw2w) Bug Bounty2018-04-142023-06-13
4707Unauthenticated Command Injection Vulnerability in VMware NSX SD-WAN by VeloCloud OS command injection RCE VMware Brian Sullivan Bug Bounty2018-06-292023-06-13
4473Creating unauthorized comments on Facebook Live Stream! Privilege escalation Authorization flaw Meta / Facebook Binit Ghimire (@WHOISbinit) Bug Bounty2018-11-162023-06-13
4322How I hacked 40,000 user accounts of Microsoft using 2FA bypass(outlook.live.com) MFA bypass Microsoft Vartul Goyal (@hackvartul) Bug Bounty2019-02-052023-06-13
4016How I found the most critical bug in live bug bounty event? Password reset Account takeover NA Lakshay (@inn0c3ntd3v1L) Bug Bounty2019-07-242023-06-13
3866Responsible denial of service with web cache poisoning DoS Web cache poisoning Tesla HackerOne Deliveroo Bitbucket Paypal Meta / Facebook Twitter James Kettle (@albinowax) Bug Bounty2019-10-242023-06-13
3855Live Video facebook application (Android) its not expired when log out the device on https://www.facebook.com/settings?tab=security&section=sessions&view Logic flaw Meta / Facebook Naufal Septiadi Bug Bounty2019-10-302023-06-13
3380Replying on LiveStream leading to Page Admin Disclosure: Facebook Bug Bounty Information disclosure Meta / Facebook Saugat Pokharel (@saugatpk5) Bug Bounty2020-06-182023-06-13
3065Beyond the wall: command injection still alive. OS command injection NA Ahmed Constant (@a_Constant_) Bug Bounty2020-10-312023-06-13
3033Replying Comments On Someone’s LiveStream From Page is Posted as Personal Identity Logic flaw Meta / Facebook Prakash Panta (@Prakashpanta268) Bug Bounty2020-11-132023-06-13
3022Firefox: How a website could steal all your cookies Arbitrary file read Mozilla Pedro Oliveira (@kanytu) Bug Bounty2020-11-162023-06-13
2938Event Creator Is Not Able To Block The Attacker During Event Livestream Logic flaw Meta / Facebook Prakash Panta (@prakashpanta268) Bug Bounty2020-12-302023-06-13
2936Replying Comments On Someone’s Livestream From Page Is Posted As Personal Identity Information disclosure Meta / Facebook Prakash Panta (@prakashpanta268) Bug Bounty2020-12-302023-06-13
2635(POC) Remove any Facebook’s live video ($14,000 bounty) Logic flaw Meta / Facebook Ahmad Talahmeh Bug Bounty2021-04-172023-06-13
2629(POC) Untrim any live video on Facebook Authorization flaw Meta / Facebook Ahmad Talahmeh Bug Bounty2021-04-182023-06-13
2614Brave — Stealing your cookies remotely Arbitrary file read Brave Software Pedro Oliveira (@kanytu) Bug Bounty2021-04-222023-06-13
2541Writeups: Facebook Whitehat program(2021): Instagram Live setting bug Logic flaw Meta / Facebook Takashi Suzuki Bug Bounty2021-05-202023-06-13
2433View Other User Private Livestream Data IDOR Meta / Facebook Geva (@Geva_7) Bug Bounty2021-07-032023-06-13