Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 748 | Bypassing The Client Side Encryption To Read Internal Windows Server Files | Client-side encryption bypass, LFI, Security code review | NA | Abhishek Morla (@abhishekmorla) | Bug Bounty | 2022-12-01 | 2023-06-13 |
| 747 | How I found my first RCE! | RCE, Components with known vulnerabilities, WSO2, SSRF | NA | 302Found | Bug Bounty | 2022-12-01 | 2023-06-13 |
| 746 | From Zero to Hero Part 2: From SQL Injection to RCE on Intel DCM (CVE-2022-21225) | SQL injection, Kerberos, RCE, Privilege escalation, Security code review | Intel | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2022-12-01 | 2023-06-13 |
| 744 | Interesting find on the Invite link | Logic flaw | NA | Sathvika | Bug Bounty | 2022-12-02 | 2023-06-13 |
| 743 | [WRITE-UP] Irremovable comments on the FB Lite app \| A story of a simple FB Lite bug that I found just by observation (Bounty: 500 USD) | Logic flaw | Meta / Facebook | Shubham Bhamare (@theshubh77) | Bug Bounty | 2022-12-02 | 2023-06-13 |
| 740 | Pre-Auth RCE with CodeQL in Under 20 Minutes | Security code review, RCE, Command injection, Authorization flaw | pgAdmin | Florian Hauser (@frycos) | Bug Bounty | 2022-12-02 | 2023-06-13 |
| 739 | Hacking on a plane: Leaking data of millions and taking over any account | IDOR | NA | rez0 (@rez0__) | Bug Bounty | 2022-12-02 | 2023-06-13 |
| 736 | A $$$ worth of cookies! \| Reflected DOM-Based XSS \| Bug Bounty POC | DOM XSS | NA | Haroon Hameed (@HaroonHameed40) | Bug Bounty | 2022-12-03 | 2023-06-13 |
| 735 | Account Takeover - Inside The Tenant | Account takeover, Information disclosure | NA | Jerry Shah (@Jerry) | Bug Bounty | 2022-12-03 | 2023-06-13 |
| 734 | Manipulating AES Traffic using a Chain of Proxies and Hardcoded Keys | Android, Hardcoded credentials, Client-side encryption bypass | NA | Aditya Dixit (@zombie007o) | Bug Bounty | 2022-12-03 | 2023-06-13 |
| 732 | URL Validation Bypass Using Browser URI Normalization | URL validation bypass | NA | Marx Chryz Del Mundo | Bug Bounty | 2022-12-04 | 2023-06-13 |
| 731 | The most underrated injection of all time — CYPHER INJECTION. How I found and exploited it ? | Cypher injection, SSRF | NA | Ashutosh Dutta (@maniacmarvel_) | Bug Bounty | 2022-12-04 | 2023-06-13 |
| 728 | OTP Leaking Through Cookie Leads to Account Takeover | Information disclosure, Account takeover | NA | ag3n7 | Bug Bounty | 2022-12-05 | 2023-06-13 |
| 727 | [BAC/IDOR] How my father credit card help me to find this access control issue | IDOR, Lack of rate limiting | NA | Xcoder(Joy ahmed) (@xcoder074) | Bug Bounty | 2022-12-05 | 2023-06-13 |
| 726 | TheHole New World - how a small leak will sink a great browser (CVE-2021-38003) | Memory corruption, RCE | Google (Chrome) | Bruce Chen (@bruce30262) | Bug Bounty | 2022-12-06 | 2023-06-13 |
| 724 | The Last Breath of Our Netgear RAX30 Bugs - A Tragic Tale before Pwn2Own Toronto 2022 | Command injection, RCE, Security code review | Netgear | Vu Thi Lan (@lanleft_) | Bug Bounty | 2022-12-06 | 2023-06-13 |
| 723 | Cool Vulns Don't Live Long - Netgear And Pwn2Own | Code injection, RCE, Security code review | Netgear | Kevin Denis | Bug Bounty | 2022-12-06 | 2023-06-13 |
| 722 | How you can find your first bug using google | Information disclosure | NA | shbugger1 | Bug Bounty | 2022-12-07 | 2023-06-13 |
| 721 | A03:2021 — [Injection] SQL Injection through internal directory disclose | SQL injection, Information disclosure | NA | Tushar | Bug Bounty | 2022-12-07 | 2023-06-13 |
| 718 | CORS Misconfig on Out of scope domain Bug Bounty Writeup (300 USD Reward ) | CORS misconfiguration | NA | Eagle_92 | Bug Bounty | 2022-12-08 | 2023-06-13 |
| 717 | {JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF | WAF bypass, SQL injection | Palo Alto Networks, AWS, Cloudflare, F5, Imperva | Noam Moshe | Bug Bounty | 2022-12-08 | 2023-06-13 |
| 716 | STRIPE Live Key Exposed:: Bounty: $1000 | Information disclosure | NA | Vipul Sahu | Bug Bounty | 2022-12-09 | 2023-06-13 |
| 715 | Privilege Escalation to remove the owner from the organization | Privilege escalation, Mass assignment | NA | Hemant Kumar | Bug Bounty | 2022-12-09 | 2023-06-13 |
| 714 | The first step to PWN2OWN - A sad one | Command injection | Netgear | Vương Quốc Huy | Bug Bounty | 2022-12-09 | 2023-06-13 |
| 712 | Automate Cross-Site Scripting (XSS) exploitation with unusal events and Burp Intruder | XSS, WAF bypass | NA | Riccardo Malatesta (@seeu_inspace) | Bug Bounty | 2022-12-10 | 2023-06-13 |