Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 670 | A Technical Analysis of CVE-2022-22583 and CVE-2022-32800 | MacOS, Local Privilege Escalation, SIP bypass | Apple (macOS) | Mickey Jin (@patch1t) | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 669 | My First Bug In Bugcrowd Platform | Race condition | NA | EX_097 | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 668 | Cisco BroadWorks CommPilot Application Software Unauthenticated Server-Side Request Forgery (CVE-2022-20951) | SSRF, Security code review | Cisco | smaury (@smaury92) | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 667 | RCE on admin panel of web3 website | RCE, Components with known vulnerabilities | NA | T VAMSHI | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 666 | Zero Click To Account Takeover (IDOR + XSS) | IDOR, XSS, Account takeover | NA | Arman (@M7arm4n) | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 664 | 0 click Facebook Account Takeover and Two-Factor Authentication Bypass | Authentication bypass, GraphQL, Account takeover, Android, MFA bypass | Meta / Facebook | abdellah yaala (@yaalaab) | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 662 | How Race Condition helped me break Business Logic of the application | Race condition | NA | Inderjeet Singh (@3nc0d3dGuY) | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 659 | ACSESSED: Cross-tenant network bypass in Azure Cognitive Search | Cloud, Cross-tenant vulnerability, Privilege escalation | Microsoft (Azure) | Emilien Socchi (@emiliensocchi) | Bug Bounty | 2022-12-22 | 2023-06-13 |
| 658 | ENLBufferPwn (CVE-2022-47949) | Buffer Overflow, Memory corruption, RCE | Nintendo | PabloMK7 (@Pablomf6) | Bug Bounty | 2022-12-22 | 2023-06-13 |
| 657 | $350 XSS in 15 minutes | DOM XSS, JSONP | NA | Anton (@therceman) | Bug Bounty | 2022-12-23 | 2023-06-13 |
| 655 | CRLF Injection — xxx$ — How was it possible for me to earn a bounty with the Cloudflare WAF? | CRLF injection | NA | Proviesec (@proviesec) | Bug Bounty | 2022-12-24 | 2023-06-13 |
| 652 | Unusual 403 Bypass to a full website takeover [External Pentest] | 403 bypass | NA | Viktor Mares | Bug Bounty | 2022-12-25 | 2023-06-13 |
| 651 | How I Pwned 10 Admin Panels and got rewarded 8000$+? | Information disclosure, Credential stuffing | NA | Inderjeet Singh (@3nc0d3dGuY) | Bug Bounty | 2022-12-25 | 2023-06-13 |
| 650 | Authentication Bypass in Nexus manager (version 3.37.3–02) | Components with known vulnerabilities, Authentication bypass, HTTP response manipulation | NA | SHARAN.K | Bug Bounty | 2022-12-26 | 2023-06-13 |
| 644 | Hacking a .NET API in the real world | LFI | NA | Dana Epp (@DanaEpp) | Bug Bounty | 2022-12-27 | 2023-06-13 |
| 641 | Unauthorized Sign-up on Subdomain of Subdomain leading to Organization takeover worth $2000 | Exposed registration page | NA | Manav Bankatwala (@ManavBankatwala) | Bug Bounty | 2022-12-28 | 2023-06-13 |
| 640 | Feedback Analyzer Exploitation | Information disclosure | NA | hacker_might | Bug Bounty | 2022-12-28 | 2023-06-13 |
| 639 | Getting Secret Key to Building Custom Burp Extension | SQL injection | NA | Ashlyn Lau | Bug Bounty | 2022-12-29 | 2023-06-13 |
| 638 | Account Takeover Due to Cognito Misconfiguration Earns Me €xxxx | Amazon cognito misconfiguration, Account takeover | NA | Mukund Bhuva (@MukundBhuva) | Bug Bounty | 2022-12-29 | 2023-06-13 |
| 636 | Exploring the World of ESI Injection | ESI injection, WAF bypass, XSS | NA | Sudhanshu Rajbhar (@sudhanshur705) | Bug Bounty | 2022-12-29 | 2023-06-13 |
| 635 | CVE-2022-38627: A journey through SQLite Injection to compromise the whole enterprise building | SQL injection | NA | Omar Hashem (@OmarHashem666) | Bug Bounty | 2022-12-30 | 2023-06-13 |
| 634 | Subdomain Hijacking Of Any Qwilr’s Customer | Subdomain takeover | NA | Prial Islam Khan (@prial261) | Bug Bounty | 2023-01-01 | 2023-06-13 |
| 633 | How I took over an admin panel and got $500 | Blind XSS, Account takeover | NA | Muhammed Mubarak | Bug Bounty | 2023-01-01 | 2023-06-13 |
| 629 | An amazing way to turn a xss into an ATO | XSS, Account takeover | NA | Naka | Bug Bounty | 2023-01-02 | 2023-06-13 |
| 628 | Web-Cache Poisoning $$$? Worth it? | Web cache poisoning, XSS | NA | Yaseen Zubair | Bug Bounty | 2023-01-02 | 2023-06-13 |