Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 5195 | A Hilarious ESET Broken Authentication Vulnerability (one click free purchase) | Authentication flaw, SQL injection | ESET | Mohamed A. Baset | Bug Bounty | 2016-02-12 | 2023-06-13 |
| 5182 | Facebook ClickJacking – How we put a new dress on Facebook UI | Clickjacking | Meta / Facebook | Mohamed A. Baset | Bug Bounty | 2016-04-22 | 2023-06-13 |
| 5181 | Official Telegram Web Client ClickJacking Vulnerability – When crypto is strong and client is weak | Clickjacking | Telegram | Mohamed A. Baset | Bug Bounty | 2016-04-28 | 2023-06-13 |
| 5180 | WhatsApp Clickjacking Vulnerability – Yet another web client failure! | Clickjacking | Meta / Facebook | Mohamed A. Baset | Bug Bounty | 2016-05-04 | 2023-06-13 |
| 5179 | Facebook movies recommendation vulnerability – A bug capable of erasing all your important notifications! | Logic flaw, DoS | Meta / Facebook | Mohamed A. Baset | Bug Bounty | 2016-05-05 | 2023-06-13 |
| 5177 | FirefoxOS Find My Device Service Clickjacking Bug results in Changing PINs, Wiping and Locking Phones! | Clickjacking | Mozilla | Mohamed A. Baset | Bug Bounty | 2016-05-12 | 2023-06-13 |
| 5176 | Fiverr.com Full Accounts Takeover – A Vulnerability Puts $50 Million Company At Risk | CSRF | Fiverr | Mohamed A. Baset | Bug Bounty | 2016-05-13 | 2023-06-13 |
| 5172 | When your privacy disclosure is a “feature” not a “bug” – Badoo & HotorNot failure! | Information disclosure | Badoo, Hot Or Not | Mohamed A. Baset | Bug Bounty | 2016-05-17 | 2023-06-13 |
| 5171 | Microsoft Yammer Clickjacking – Exploiting HTML5 Security Features | Clickjacking | Microsoft | Mohamed A. Baset | Bug Bounty | 2016-05-18 | 2023-06-13 |
| 5169 | RunKeeper Stored XSS Vulnerability – Where worms are able to run too! | Stored XSS, CSRF | RunKeeper | Mohamed A. Baset | Bug Bounty | 2016-06-06 | 2023-06-13 |
| 5162 | TopCoder.com Vulnerabilities – A tail of site-wide bugs leads to accounts compromise & payments hijacking | CSRF, Account takeover | Topcoder.com | Mohamed A. Baset | Bug Bounty | 2016-06-28 | 2023-06-13 |
| 5154 | BMW Vulnerabilities – Hijack Cars ConnectedDrive™ Service! | Clickjacking, CSRF | BMW | Mohamed A. Baset | Bug Bounty | 2016-07-24 | 2023-06-13 |
| 5059 | Godaddy XSS affects parked domains redirector/processor! | Reflected XSS | GoDaddy | Mohamed A. Baset | Bug Bounty | 2017-06-11 | 2023-06-13 |
| 5058 | Vulnerability in Metasploit Project aka CVE-2017-5244 | CSRF | Rapid7 | Mohamed A. Baset | Bug Bounty | 2017-06-12 | 2023-06-13 |
| 5049 | CVE-2017-10711: Reflected XSS vulnerability in SimpleRisk – Open Source Risk Management System | Reflected XSS | SimpleRisk | Mohamed A. Baset | Bug Bounty | 2017-06-28 | 2023-06-13 |
| 5046 | OpenProject Session Management Security Vulnerability aka CVE-2017-11667 | Session management issue | OpenProject | Mohamed A. Baset | Bug Bounty | 2017-06-30 | 2023-06-13 |
| 4845 | Re-dressing Instagram – Leaking Application Tokens via Instagram ClickJacking Vulnerability! | Clickjacking | Meta / Facebook | Mohamed A. Baset | Bug Bounty | 2018-02-25 | 2023-06-13 |
| 4844 | The 2.5mins or 2.5k$ hawk-eye bug – A Facebook Pages Admins Disclosure Vulnerability! | Information disclosure | Meta / Facebook | Mohamed A. Baset | Bug Bounty | 2018-02-25 | 2023-06-13 |
| 4807 | Hijacking User’s Private Information access_token from Microsoft Office360 facebook App | Logic flaw | Microsoft | Mohamed A. Baset | Bug Bounty | 2018-04-13 | 2023-06-13 |
| 4771 | Asus Control Center – An Information Disclosure and a database connection Clear-Text password leakage Vulnerability | Authorization flaw, Information disclosure | Asus | Mohamed A. Baset | Bug Bounty | 2018-05-08 | 2023-06-13 |