Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1344 | How i was able to bypass Open Redirect 3 times on same program. | Open redirect | NA | himanshu pdy (@himanshu_pdy) | Bug Bounty | 2022-07-19 | 2023-06-13 |
| 1330 | How I was able to Take over a support chat using leaked Keys | Information disclosure | NA | Pliskin | Bug Bounty | 2022-07-22 | 2023-06-13 |
| 1313 | CVE-2022-26712: The POC for SIP-Bypass Is Even Tweetable | MacOS, SIP bypass | Apple | Mickey Jin (@patch1t) | Bug Bounty | 2022-07-26 | 2023-06-13 |
| 1275 | How i was able to get 29 free products. \| Bug Bounty | Race condition | NA | Fırat | Bug Bounty | 2022-08-06 | 2023-06-13 |
| 1273 | Irremovable guest in facebook event — Facebook bug bounty | Logic flaw | Meta / Facebook | Rajiv Gyawali (@rajiv_gyawali) | Bug Bounty | 2022-08-06 | 2023-06-13 |
| 1246 | The cloud has an isolation problem: PostgreSQL vulnerabilities affect multiple cloud vendors | Privilege escalation, Cross-tenant vulnerability, OS command injection, Local Privilege Escalation, Cloud | Google, Microsoft, Aiven | Shir Tamari (@shirtamari) | Bug Bounty | 2022-08-11 | 2023-06-13 |
| 1206 | Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS! | DoS, Web cache poisoning, Authentication bypass | Microsoft | Orange Tsai (@orange_8361) | Bug Bounty | 2022-08-18 | 2023-06-13 |
| 1172 | Zimbra Open Bucket Data Leak – Responsible Disclosure | AWS misconfiguration | Zimbra | Raffaele Forte (@raffaele_forte) | Bug Bounty | 2022-08-26 | 2023-06-13 |
| 1146 | SETTLERS OF NETLINK: Exploiting a limited UAF in nf_tables (CVE-2022-32250) | Memory corruption, Local Privilege Escalation | Ubuntu, Linux Kernel Organization | Cedric Halbronn (@saidelike) | Bug Bounty | 2022-09-01 | 2023-06-13 |
| 1141 | Google & Apache Found Vulnerable to GitHub Environment Injection | Privilege escalation, CI/CD | Google, Apache | Noam Dotan | Bug Bounty | 2022-09-01 | 2023-06-13 |
| 1137 | Caching the Un-cacheables - Abusing URL Parser Confusions (Web Cache Poisoning Technique) | Web cache poisoning, XSS, DoS | Glassdoor | Harel (@h4r3l) | Bug Bounty | 2022-09-02 | 2023-06-13 |
| 1103 | How I was able to see likes count even though is hidden by victim \| YouTube | Information disclosure, Logic flaw | Google | R ando (@Rando02355205) | Bug Bounty | 2022-09-08 | 2023-06-13 |
| 1097 | How I was able to Bypass Philips Authentication | Outdated component with a known vulnerability, Authentication bypass | Philips | ParagBagul | Bug Bounty | 2022-09-10 | 2023-06-13 |
| 1090 | LiveHelperChat - Remote Code Execution via Vulnerable Theme Upload Function | RCE | Live Helper Chat | Arben Shala (@arbennsh) | Bug Bounty | 2022-09-13 | 2023-06-13 |
| 1022 | Practically-exploitable Cryptographic Vulnerabilities in Matrix | Cryptographic issues | Matrix | Martin Albrecht (@martinralbrecht) | Bug Bounty | 2022-09-28 | 2023-06-13 |
| 979 | Enter "Sandbreak" - Vulnerability In vm2 Sandbox Module Enables Remote Code Execution (CVE-2022-36067) | RCE, Sandbox bypass | vm2 | Oxeye (@OxeyeSecurity) | Bug Bounty | 2022-10-10 | 2023-06-13 |
| 949 | Facebook SMS Captcha Was Vulnerable to CSRF Attack | CSRF | Meta / Facebook | Lokesh Kumar (@lokeshdlk77) | Bug Bounty | 2022-10-17 | 2023-06-13 |
| 912 | Stranger Strings: An exploitable flaw in SQLite | Memory corruption, Buffer Overflow, DoS | SQLite | Andreas Kellas | Bug Bounty | 2022-10-25 | 2023-06-13 |
| 888 | How i was able to get free money via sending negative tokens | Logic flaw, Payment tampering | NA | Mohamed Anani (@0xM5awy) | Bug Bounty | 2022-10-28 | 2023-06-13 |
| 852 | Netgear Nighthawk R7000P AWS_JSON Unauthenticated Double Stack Overflow Vulnerability | Memory corruption | Netgear | Jean-Jamil Khalife | Bug Bounty | 2022-11-09 | 2023-06-13 |
| 817 | Got Another XSS using Double Encoding | XSS | NA | ag3n7 | Bug Bounty | 2022-11-17 | 2023-06-13 |
| 813 | Bypassing XSS filters using Double Encoding | XSS, WAF bypass | NA | ag3n7 (@ag3n7apk) | Bug Bounty | 2022-11-18 | 2023-06-13 |
| 809 | SyncJacking: Hard Matching Vulnerability Enables Azure AD Account Takeover | Account takeover, Azure AD, Cloud | Microsoft | Tomer Nahum (@TomerNahum1) | Bug Bounty | 2022-11-18 | 2023-06-13 |
| 778 | Able to Mass-change profile section leads to my first $BOUNTY$ | HTML injection, IDOR, CSRF | NA | SYRINE | Bug Bounty | 2022-11-25 | 2023-06-13 |
| 765 | 2FA Enabled Accounts Can Bypass Authentication & Access Account After Deactivation | Authentication bypass, Account takeover | NA | Sharat Kaikolamthuruthil (@sharp488) | Bug Bounty | 2022-11-27 | 2023-06-13 |