Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 2490 | Two weeks of securing Samsung devices: Part 1 | Arbitrary file write, Insecure intent, Android | Samsung | Oversecured (@OversecuredInc) | Bug Bounty | 2021-06-10 | 2023-06-13 |
| 2489 | Bypassing 2FA using OpenID Misconfiguration | MFA bypass, Authentication flaw | NA | Youstin (@iustinBB) | Bug Bounty | 2021-06-11 | 2023-06-13 |
| 2488 | How I was able to bypass the admin panel without the credentials. | Information disclosure | NA | Pratikkhalane (@KhalanePratik) | Bug Bounty | 2021-06-12 | 2023-06-13 |
| 2487 | How I found the silliest logical vulnerability for $750 that no one found for 3 years | Logic flaw | NA | Sina Kheirkhah (@SinSinology) | Bug Bounty | 2021-06-12 | 2023-06-13 |
| 2486 | Story of Account Takeover : Using Social Login with Mass Assignment Vulnerability to hack accounts ! | Mass assignment, Account takeover | NA | Mohammad Kaif | Bug Bounty | 2021-06-13 | 2023-06-13 |
| 2485 | [Google VRP] Privilege escalation on https://dialogflow.cloud.google.com | Authorization flaw, Logic flaw | Google | lalka (@0x01alka) | Bug Bounty | 2021-06-13 | 2023-06-13 |
| 2483 | An exciting journey to find SSRF , Bypass Cloudflare , and extract AWS metadata ! | SSRF | NA | hosein vita (@HoseinVita) | Bug Bounty | 2021-06-13 | 2023-06-13 |
| 2482 | Blind Command Injection - It hurts | Command injection, RCE | NA | Jerry Shah (@Jerry) | Bug Bounty | 2021-06-14 | 2023-06-13 |
| 2481 | Stealing tokens, emails, files and more in Microsoft Teams through malicious tabs | postMessage, Token leak | Microsoft | Evan Grant (@stargravy) | Bug Bounty | 2021-06-14 | 2023-06-13 |
| 2480 | Exploiting outdated Apache Airflow instances | Session management issue | NA | Ian Carroll (@iangcarroll) | Bug Bounty | 2021-06-14 | 2023-06-13 |
| 2479 | Importance of burp history analysis to bypass 403 | 403 bypass | NA | Vuk Ivanovic | Bug Bounty | 2021-06-15 | 2023-06-13 |
| 2478 | This is how I was able to see Private, Archived Posts/Stories of users on Instagram without following them | IDOR, GraphQL | NA | Mayur Fartade (@mayurfartade) | Bug Bounty | 2021-06-15 | 2023-06-13 |
| 2477 | How We Are Able To Hack Any Company By Sending Message – $20,000 Bounty [CVE-2021–34506] | Universal XSS | Microsoft | Shivam Kumar Singh (@MrRajputHacker) | Bug Bounty | 2021-06-15 | 2023-06-13 |
| 2476 | Authentication Bypass \| Easy P1 in 10 minutes | Authentication bypass, Forced browsing | NA | Anirudh Makkar (@anirudhmakkar) | Bug Bounty | 2021-06-16 | 2023-06-13 |
| 2475 | One-click DOS via Response Manipulation | Logic flaw | NA | Akhil | Bug Bounty | 2021-06-16 | 2023-06-13 |
| 2474 | Story of Google Hall of Fame and Private program bounty worth $$$$ | Exposed registration page | Google | Basavaraj Banakar (@basu_banakar) | Bug Bounty | 2021-06-16 | 2023-06-13 |
| 2473 | Part-1 Dive into Zoom Applications | CSRF, Payment bypass, Logic flaw, Account takeover, Privilege escalation | Zoom | Rakesh Thodupunoori (@rakesh_3895) | Bug Bounty | 2021-06-16 | 2023-06-13 |
| 2472 | Why dynamic code loading could be dangerous for your apps: a Google example | Arbitrary file write, Insecure intent, Android | Google | Oversecured (@OversecuredInc) | Bug Bounty | 2021-06-17 | 2023-06-13 |
| 2471 | Crashing your LinkedIn app with a connection request. | Application-level DoS | LinkedIn | Renganathan (@IamRenganathan) | Bug Bounty | 2021-06-17 | 2023-06-13 |
| 2470 | HTML Injection and a dream in Google Chrome for Linux (Write Up) | HTML injection | Google | Evan Ricafort (@evanricafort) | Bug Bounty | 2021-06-17 | 2023-06-13 |
| 2469 | Certified Pre-Owned | Active Directory, Privilege Escalation, ADCS, Windows | Microsoft | Will Schroeder (@harmj0y) | Bug Bounty | 2021-06-17 | 2023-06-13 |
| 2468 | How We Are Able To Hack Any Company By Sending Message - $20,000 Bounty [CVE-2021–34506] | Universal XSS | Microsoft | Vansh Devgan (@Th3Pr0xyB0y) | Bug Bounty | 2021-06-18 | 2023-06-13 |
| 2467 | M1 Macs GateKeeper bypass aka CVE-2021-30658 | Local Privilege Escalation | Apple | Wojciech Reguła (@_r3ggi) | Bug Bounty | 2021-06-18 | 2023-06-13 |
| 2466 | Account takeover via stored XSS with arbitrary file upload | Insecure file upload, XSS, Account takeover | NA | 0xbadb00da (@0xbadb00da) | Bug Bounty | 2021-06-18 | 2023-06-13 |
| 2465 | Accessing Restricted Documents With Extra JSON Body Content | Mass assignment, Authorization flaw | NA | Imran Huda (@imranHudaA) | Bug Bounty | 2021-06-18 | 2023-06-13 |