Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 4621 | How i found a 1500$ worth Deserialization vulnerability | Misconfigured JSF ViewState, Insecure deserialization | NA | Ashish Kunwar (@D0rkerDevil) | Bug Bounty | 2018-08-28 | 2023-06-13 |
| 4618 | A Infinite Loop Story. | DoS | NA | Ashish Kunwar (@D0rkerDevil) | Bug Bounty | 2018-08-29 | 2023-06-13 |
| 4617 | Finding hidden gems vol. 2: REAMDE.md, the story of a bit too helpful readme file | Information disclosure | NA | Mateusz Olejarka (@molejarka) | Bug Bounty | 2018-08-29 | 2023-06-13 |
| 4613 | https://medium.com/@mahitman1/i-own-your-customers-22e965761abd | Information disclosure, Hardcoded credentials, AWS misconfiguration | NA | Muhammad Abdullah | Bug Bounty | 2018-09-01 | 2023-06-13 |
| 4609 | P1 Vulnerability in 60 seconds | Information disclosure, File disclosure | NA | Wh11teW0lf (@wh11tew0lf) | Bug Bounty | 2018-09-05 | 2023-06-13 |
| 4608 | How I could download the source code of an Indian e-commerce website!! | File disclosure, Source code disclosure | NA | Minali Arora (@AroraMinali) | Bug Bounty | 2018-09-05 | 2023-06-13 |
| 4606 | Simple Login Brute Force / Current Password Requirement Bypass | IDOR, Account takeover, Bruteforce | NA | Mandeep Jadon (@1337tr0lls) | Bug Bounty | 2018-09-07 | 2023-06-13 |
| 4605 | Write-up - Love story, from closed as informative to $3,500 USD, XSS stored in Yahoo! iOS MaiL app | Stored XSS | Yahoo! / Verizon Media | Omar Espino (@omespino) | Bug Bounty | 2018-09-07 | 2023-06-13 |
| 4604 | RCE Unsecure Jenkins Instance \| Bug Bounty POC | RCE, Exposed Jenkins instance | NA | Muhammad Khizer Javed (@khizer_javed47) | Bug Bounty | 2018-09-07 | 2023-06-13 |
| 4599 | How I find Open-Redirect Vulnerability in redacted.com (One of the top online payment processing service website) | Open redirect | NA | Muhammad Asim Shahzad (@protector47) | Bug Bounty | 2018-09-09 | 2023-06-13 |
| 4597 | Making the Facebook app more secure - $8500 bounty | Open redirect | Meta / Facebook | Ashley King (@AshleyKingUK) | Bug Bounty | 2018-09-09 | 2023-06-13 |
| 4596 | Stored XSS Vulnerability in H1C Private site | Stored XSS | NA | Anas Mahmood (@AnasIsHere) | Bug Bounty | 2018-09-09 | 2023-06-13 |
| 4595 | Apple Safari & Microsoft Edge Browser Address Bar Spoofing - Writeup | Address Bar Spoofing | Microsoft, Apple | Rafay Baloch (@rafaybaloch) | Bug Bounty | 2018-09-10 | 2023-06-13 |
| 4590 | Open-Redirect Vulnerability in udacity.com | Open redirect | Udacity | Anil Tom (mr_4nk) | Bug Bounty | 2018-09-11 | 2023-06-13 |
| 4586 | How I hijacked your account when you opened my cat picture | Logout CSRF | NA | Matti Bijnens (@MattiBijnens) | Bug Bounty | 2018-09-14 | 2023-06-13 |
| 4585 | Persistent Cross-Site Scripting on redacted worth $2,000 | Stored XSS | NA | Muhammad Asim Shahzad (@protector47) | Bug Bounty | 2018-09-15 | 2023-06-13 |
| 4583 | User Account takeover in India’s largest digital business company | Account takeover, OTP bypass | NA | Minali Arora (@AroraMinali) | Bug Bounty | 2018-09-16 | 2023-06-13 |
| 4580 | Chain The Bugs to Pwn an Organisation ( LFI + Unrestricted File Upload = Remote Code Execution ) | LFI, Unrestricted file upload, RCE | NA | Armaan Pathan (@armaancrockroax) | Bug Bounty | 2018-09-18 | 2023-06-13 |
| 4577 | Bypassing Authentication Using Javascript Debugger. | Authentication bypass | NA | Mohit Dabas (@mohitdabas08) | Bug Bounty | 2018-09-18 | 2023-06-13 |
| 4572 | R-XSS -> CSRF bypass to account takeover/ | Reflected XSS, CSRF | NA | Nirmal Dahal (@TheNittam) | Bug Bounty | 2018-09-21 | 2023-06-13 |
| 4569 | Subdomain Takeover via Unsecured S3 Bucket Connected to the Website | Subdomain takeover | NA | Muhammad Khizer Javed (@khizer_javed47) | Bug Bounty | 2018-09-24 | 2023-06-13 |
| 4568 | Weaponizing XSS Attacking Internal System | Blind XSS | NA | Rahul R | Bug Bounty | 2018-09-25 | 2023-06-13 |
| 4565 | Arbitrary File Read in one of the largest CRMs | LFI | NA | Richard Clifford (@MantisSTS) | Bug Bounty | 2018-09-26 | 2023-06-13 |
| 4564 | Thick Client — Attacking databases the fun/easy way | Thick client, Credentials sent over unencrypted channel | NA | Richard Clifford (@MantisSTS) | Bug Bounty | 2018-09-26 | 2023-06-13 |
| 4563 | #BugBounty — From finding Jenkins instance to Command Execution.Secure your Jenkins Instance! | RCE, Exposed Jenkins instance | NA | Avinash Jain (@logicbomb_1) | Bug Bounty | 2018-09-27 | 2023-06-13 |