Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
3006Reflected Cross Site Scripting on REDACTED Program (Bounty: 750$) Reflected XSS NA can1337 (@canmustdie) Bug Bounty2020-11-232023-06-13
2337What is BOLA? 3-digit bounty from Topcoder ($$$) IDOR Topcoder can1337 (@canmustdie) Bug Bounty2021-08-092023-06-13
2097SONY Hunting I: Discovering Hidden Parameters (5x SWAG) Open redirect Sony can1337 (@canmustdie) Bug Bounty2021-11-072023-06-13
1746How Did I Leak 5.2k Customer Data From a Large Company? (via Broken Access Control) Broken Access Control NA can1337 (@canmustdie) Bug Bounty2022-03-112023-06-13
1332I mean, IDOR is NOT only about others ID IDOR NA can1337 (@canmustdie) Bug Bounty2022-07-222023-06-13
1285Multiple bugs in one program leads to 1500€ Privilege escalation IDOR Authorization flaw NA can1337 (@canmustdie) Bug Bounty2022-08-022023-06-13
1182Break the Logic: Insecure Parameters (€300) Parameter manipulation Logic flaw Mass assignment NA can1337 (@canmustdie) Bug Bounty2022-08-242023-06-13
1173Break the Logic: 5 Different Perspectives in Single Page (€1500) Client-side enforcement of server-side security IDOR Authorization flaw NA can1337 (@canmustdie) Bug Bounty2022-08-262023-06-13
654Bypass Apple’s redirection process with the dot (“.”) character Open redirect Apple can1337 (@canmustdie) Bug Bounty2022-12-242023-06-13