Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
5286Google.com cross site scripting and privilege escalation in Consumer Surveys Stored XSS Authorization flaw Google Josip Franjkovic (@josipfranjkovic) Bug Bounty2013-01-032023-06-13
5279Overwriting Banner Images on Etsy Authorization flaw Etsy Jack Whitton (@fin1te) Bug Bounty2013-05-212023-06-13
5278Hijacking a Facebook Account with SMS Authorization flaw Account takeover Meta / Facebook Jack Whitton (@fin1te) Bug Bounty2013-06-262023-06-13
5271Removing Covers Images on Friendship Pages, on Facebook Authorization flaw Meta / Facebook Jack Whitton (@fin1te) Bug Bounty2013-09-252023-06-13
5218Bypass ad account roles vulnerability 2015 Authorization flaw Meta / Facebook Pouya Darabi (@Pouyadarabi) Bug Bounty2015-05-152023-06-13
5212Hacking Facebook Pages Authorization flaw Privilege escalation Broken Access Control Meta / Facebook Laxman Muthiyah (@LaxmanMuthiyah) Bug Bounty2015-08-262023-06-13
5188How I Could Compromise 4% (Locked) Instagram Accounts IDOR DoS Authorization flaw Meta / Facebook Arne Swinnen (@ArneSwinnen) Bug Bounty2016-03-272023-06-13
5187Watch Paint Dry: How I got a game on the Steam Store without anyone from Valve ever looking at it. Authorization flaw Logic flaw Valve Ruby Nealon (@_ruby) Bug Bounty2016-03-292023-06-13
5126Leak Private Videos [Vimeo Bug Bounty] Logic flaw Authorization flaw Vimeo Abdullah Hussam (@Abdulahhusam) Bug Bounty2016-10-232023-06-13
5111I got emails - G Suite Vulnerability Logic flaw Authorization flaw Google Meta / Facebook Yelp Rojan Rijal (@uraniumhacker) Bug Bounty2017-02-022023-06-13
5108Facebook Groups Hack Authorization flaw Logic flaw Meta / Facebook Zahid Ali Bug Bounty2017-02-042023-06-13
5106Bypassed Facebook Phone Number Security Authorization flaw Logic flaw Information disclosure Meta / Facebook Zahid Ali Bug Bounty2017-02-102023-06-13
5104Vulnerabilities in Facebook Login Approval Form Authorization flaw Logic flaw Meta / Facebook Zahid Ali Bug Bounty2017-02-142023-06-13
5050Road to (unauthenticated) recovery: downloading GitHub SSO bypass codes Authorization flaw GitHub Yasin Soliman (@SecurityYasin) Bug Bounty2017-06-252023-06-13
5047Posting on groups as people whenever their email was known by an attacker Authorization flaw Meta / Facebook Zahid Ali Bug Bounty2017-06-292023-06-13
5036Fabric.io API permission apocalypse – Privilege Escalations Authorization flaw Account takeover Twitter WeSecureApp (@wesecureapp) Bug Bounty2017-07-102023-06-13
5024Missing Authorization check in Facebook Pages Manager Authorization flaw Meta / Facebook Arbaz Hussain (@ArbazKiraak) Bug Bounty2017-07-202023-06-13
5018Disabling New Emails From Facebook Without Email Owner Interaction Logic flaw Authorization flaw Meta / Facebook Zahid Ali Bug Bounty2017-07-262023-06-13
5009$10k host header Authorization flaw Google Ezequiel Pereira (@epereiralopez) Bug Bounty2017-08-102023-06-13
4985Bypassing Facebook Profile Picture Guard Security. Authorization flaw Meta / Facebook Armaan Pathan (@armaancrockroax) Bug Bounty2017-09-092023-06-13
4974Luminate Internal Privilege Escalation — Admin to Owner Authorization flaw Yahoo! / Verizon Media Rojan Rijal (@uraniumhacker) Bug Bounty2017-09-212023-06-13
4968Device Authorization Bypass! Authorization flaw NA Hassan Khan Yusufzai Bug Bounty2017-09-252023-06-13
4916Using App Ads Helper as an Analytic User Authorization flaw Meta / Facebook Joshua Regio Bug Bounty2017-12-092023-06-13
4909Account Takeover Due to Misconfigured Login with Facebook/Google Account takeover Authorization flaw Google Meta / Facebook Bhavuk Jain (@bhavukjain1) Bug Bounty2017-12-202023-06-13
4881[Yahoo Bug Bounty] Unauthorized Access to Unisphere Management Server Debugging Facility on https://bf1-uaddbcx-002.data.bf1.yahoo.com/Debug/ Authorization flaw Yahoo! / Verizon Media Peerzada Fawaz Ahmad Qureshi Bug Bounty2018-01-252023-06-13