Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
2464Exploiting File Upload Functionality in Unique Way. Unrestricted file upload NA Rohit Soni (@streetofhacker) Bug Bounty2021-06-192023-06-13
2463Zero Click account Takeover Account takeover Password reset NA Zahir Tariq (@ZahirTariq3) Bug Bounty2021-06-192023-06-13
2462Full Local File Read via Error Based XXE using XLIFF File XXE NA pwn.vg / Tomi (@mastomii) Bug Bounty2021-06-192023-06-13
2461How I Found A Vulnerability To Hack iCloud Accounts and How Apple Reacted To It Account takeover MFA bypass Rate limiting bypass Race condition Apple Laxman Muthiyah (@laxmanmuthiyah) Bug Bounty2021-06-192023-06-13
2460Unprivileged User with Read/Write permission to `User Access` can escalate their role to ADMIN — Privilege Escalation Privilege escalation NA Ertugrul Ozdemir (@ertugrulphp) Bug Bounty2021-06-202023-06-13
2459Stored XSS via Invite leading to Mass Account Takeover at Opera. Stored XSS Opera Samrat Gupta (@Sm4rty_) Bug Bounty2021-06-202023-06-13
2458Cracking Encrypted Credit Card Numbers Exposed By API Information disclosure Weak crypto NA Craig Hays (@craighays) Bug Bounty2021-06-222023-06-13
2457Generate online votes using Race Condition Vulnerability in Woobox Web Application (Write Up) Race condition Woobox Evan Ricafort (@evanricafort) Bug Bounty2021-06-232023-06-13
2456How i was able to get Appreciation from the organization of a website just by changing a sign..!!! Information disclosure Source code disclosure NA Fardeen Ahmed (@fardeenahmed411) Bug Bounty2021-06-232023-06-13
2455Three Microsoft Store vulnerabilites Payment tampering Logic flaw Microsoft Marlon Fabiano (@astrounder) Bug Bounty2021-06-242023-06-13
2454Microsoft Store free purschase vulnerabilites Payment tampering Logic flaw Microsoft Marlon Fabiano (@astrounder) Bug Bounty2021-06-242023-06-13
2453MSRC is confused! 😕 Dependency confusion Microsoft Ricardo Iramar dos Santos (@ricardo_iramar) Bug Bounty2021-06-242023-06-13
2452Flywheel Subdomain Takeover Subdomain takeover NA Smaran Chand (@smaranchand) Bug Bounty2021-06-242023-06-13
2451A supply-chain breach: Taking over an Atlassian account XSS CSRF Atlassian Dikla Barda, Yaara Shriki Bug Bounty2021-06-242023-06-13
2450PII Leakage - Revealing Secrets Information disclosure NA Jerry Shah (@Jerry) Bug Bounty2021-06-252023-06-13
2449From Information Disclosure to interesting Privilege Escalation Information disclosure Account takeover Privilege escalation NA David Shaul (@dudy2kk) Bug Bounty2021-06-252023-06-13
2448Gaining access to protected components Vulnerable Android content provider Android NA DavMehtab Zafar (@0xmzfr) Bug Bounty2021-06-252023-06-13
2447Some ways to find more IDOR IDOR NA Thái Vũ (@thaivd98) Bug Bounty2021-06-262023-06-13
2444Escalating XSS to Arbitrary File Read XSS LFI NA Pethuraj (@Pethuraj) Bug Bounty2021-06-272023-06-13
2443Misconfigured $3 Bucket - A Semi Opened Environment AWS misconfiguration Redbull Yukesh Kumar (@3th1c_yuk1) Bug Bounty2021-06-272023-06-13
2442Taking over Uber accounts through voicemail Account takeover Voicemail hacking Uber Shubham Shah (@infosec_au) Bug Bounty2021-06-272023-06-13
2441Diving into Dependabot along with a bug in npm SSRF RCE GitHub tyage (@tyage) Bug Bounty2021-06-272023-06-13
2440How I found my first Chrome bug (CVE-2021–21210) NAT Slipstreaming Google (Chrome) Daniel Santos (@bananabr) Bug Bounty2021-06-282023-06-13
2439gcp-dhcp-takeover-code-exec DHCP flood VM takeover Google Imre Rad (@ImreRad) Bug Bounty2021-06-282023-06-13
2438How I was able to Takeover Accounts on Foxit.com Password reset Account takeover NA Jefferson Gonzales (@gonzxph) Bug Bounty2021-06-292023-06-13