Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
2394Escalating Self-XSS To Stored XSS via Image injection + IDOR Self-XSS Stored XSS IDOR NA Demon (@R29k_) Bug Bounty2021-07-212023-06-13
2378Abusing JSON Web Token to steal accounts — 3000$ IDOR NA Filipe Azevedo (@filipaze_) Bug Bounty2021-07-272023-06-13
2371How I found my first IDOR in HackerOne IDOR NA N1GHTMAR3 (@n1ghtmar3_2421) Bug Bounty2021-07-292023-06-13
2366Facebook Vulnerability: Expose Group Member — $3000 IDOR Meta / Facebook Muhammad Sholikhin (@MuhammadLikhin) Bug Bounty2021-07-302023-06-13
2364How I escalate my Self-Stored XSS to Account Takeover with the help of IDOR Self-XSS IDOR Account takeover HackerEarth Jefferson Gonzales (@gonzxph) Bug Bounty2021-07-312023-06-13
2355Privilege Escalation | stealing user’s point | Bugcrowd IDOR Privilege escalation NA Abhind Abhi Bug Bounty2021-08-022023-06-13
2354~/BugBounty/IDOR/”How I was able to exfiltrate any user’s credit coupons” IDOR NA Jai Sharma (@ja1sharma) Bug Bounty2021-08-022023-06-13
2337What is BOLA? 3-digit bounty from Topcoder ($$$) IDOR Topcoder can1337 (@canmustdie) Bug Bounty2021-08-092023-06-13
2336Fuzzing + IDOR = Admin TakeOver IDOR Account takeover NA Gonzalo Carrasco (@0xCGonzalo) Bug Bounty2021-08-092023-06-13
2329How I found read/write access to the personal data of 3 million users of an E-commerce website? IDOR NA Prashant Singh / SecGeek_one0one Bug Bounty2021-08-132023-06-13
2313Account Takeover via Access Token Leakage IDOR Information disclosure Account takeover NA Tuhin Bose (@tuhin1729_) Bug Bounty2021-08-192023-06-13
2307MonkeyType.com Stored Cross-Site Scripting Stored XSS Authentication bypass IDOR MonkeyType.com Tyle Butler (@tbutler0x90) Bug Bounty2021-08-222023-06-13
2306Story Of Unexpected Bugs IDOR XSS NA Neh Patel (@thecyberneh) Bug Bounty2021-08-222023-06-13
2301How i was able to steal private files of any user on Larksuite IDOR NA Imran Nissar (@Imrannissar3) Bug Bounty2021-08-242023-06-13
2295Retrieve Archived Stories Of Any Public Instagram Account. IDOR GraphQL Meta / Facebook Naveen Bug Bounty2021-08-252023-06-13
2290Oauth client secret leak and possible IDOR leading to PII Disclosure IDOR OAuth Information disclosure NA Monke (@pmofcats) Bug Bounty2021-08-262023-06-13
2287How I Scored 2K Bounty via an IDOR IDOR Mail.ru Sicksec (@OriginalSicksec) Bug Bounty2021-08-272023-06-13
2277Two account takeover bugs worth $4300 🎁 Account takeover Privilege escalation 403 bypass IDOR NA Usama Varikkottil (@usama_dev) Bug Bounty2021-08-292023-06-13
2266Hacking Dutch Government For a lousy T-shirt IDOR Information disclosure Dutch Government Veshraj Ghimire (@GhimireVeshraj) Bug Bounty2021-09-022023-06-13
2263Breaking Application’s Logic to DOS Attack IDOR DoS NA Abhijeet Singh (@abhiunix) Bug Bounty2021-09-022023-06-13
2256IDOR Vulnerability In GraphQL Api On Website IDOR GraphQL NA Aidil Arief Bug Bounty2021-09-032023-06-13
22472 CSRF 1 IDOR on Google Marketing Platform IDOR CSRF Google apapedulimu / Nosa Shandy (@LocalHost31337) Bug Bounty2021-09-062023-06-13
2229Exposing Millions of IRCTC Passengers%27 ticket details. IDOR IRCTC Renganathan (@IamRenganathan) Bug Bounty2021-09-122023-06-13
2222How I hacked worldwide Tiktok users IDOR TikTok s3c (@s3c_krd) Bug Bounty2021-09-152023-06-13
2216A Small Tale of Account Takeover … IDOR Account takeover NA Saugat Pokharel (@saugatpk5) Bug Bounty2021-09-162023-06-13