Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
2373Chaining Open Redirect with XSS to Account Takeover Open redirect XSS Account takeover NA Radian ID Bug Bounty2021-07-292023-06-13
2368Account takeover via stored xss Stored XSS NA vikram naidu (@ImVikram7msd) Bug Bounty2021-07-302023-06-13
2364How I escalate my Self-Stored XSS to Account Takeover with the help of IDOR Self-XSS IDOR Account takeover HackerEarth Jefferson Gonzales (@gonzxph) Bug Bounty2021-07-312023-06-13
2346Account Takeover (User + Admin) Via Password Reset Account takeover Password reset Logic flaw NA Hemant Patidar (@HemantSolo) Bug Bounty2021-08-052023-06-13
2336Fuzzing + IDOR = Admin TakeOver IDOR Account takeover NA Gonzalo Carrasco (@0xCGonzalo) Bug Bounty2021-08-092023-06-13
2324Simple HTML Injection to $250 Account takeover Mass assignment NA Ahmad Halabi (@Ahmad_Halabi_) Bug Bounty2021-08-142023-06-13
2321Why u should use burp to test Path Traversal Vulnerability and also get RXSS Path traversal XSS CSRF Account takeover NA Yasser Mohammed (@boomneroli) Bug Bounty2021-08-162023-06-13
2315How to Hack Apple ID XSS Account takeover Apple Zemnmez (@zemnmez) Bug Bounty2021-08-172023-06-13
2313Account Takeover via Access Token Leakage IDOR Information disclosure Account takeover NA Tuhin Bose (@tuhin1729_) Bug Bounty2021-08-192023-06-13
2300[$5K] Misconfigured Reset password that leads to Account Takeover (No user Interaction ATO) Account takeover Password reset Information disclosure NA Aditya Sharma (@Assass1nmarcos) Bug Bounty2021-08-242023-06-13
2299One Endpoint, Two Account Takeovers Account takeover NA Yashar Shahinzadeh (@YShahinzadeh) Bug Bounty2021-08-242023-06-13
2289ChaosDB: Critical Vulnerability in Microsoft Azure Cosmos DB Account takeover Local Privilege Escalation Microsoft Nir Ohfeld (@nirohfeld) Bug Bounty2021-08-262023-06-13
2281ATO of WordPress Website “4 digits €€€€ Bounty in 5 Minute!” Exposed registration page Account takeover NA Ritesh Gohil (@RiteshG37659480) Bug Bounty2021-08-292023-06-13
2277Two account takeover bugs worth $4300 🎁 Account takeover Privilege escalation 403 bypass IDOR NA Usama Varikkottil (@usama_dev) Bug Bounty2021-08-292023-06-13
2264chaining bugs from self XSS to account takeover Self-XSS WAF bypass CSRF Account takeover NA Behnam Yazdanpanah (@abhiunix) Bug Bounty2021-09-022023-06-13
2250Eye for an eye: Unusual single click JWT token takeover Open redirect JWT Account takeover JetBrains Yurii Sanin (@SaninYurii) Bug Bounty2021-09-052023-06-13
2248How I can take over any user’s account with their mobile number Account takeover OTP bypass Authentication bypass NA Sushmitha Katikitala Bug Bounty2021-09-062023-06-13
2240Facebook email disclosure and account takeover Information disclosure Account takeover Meta / Facebook Rikesh Baniya / NotRickyy (@rikeshbaniya) Bug Bounty2021-09-082023-06-13
2239Account Takeover via XSS in e-signature feature worth 2500$ XSS Account takeover NA Gökhan Güzelkokar (@gkhck_) Bug Bounty2021-09-082023-06-13
2219This is why you shouldn’t trust your Federated Identity Provider OAuth Account takeover Authentication bypass NA Soufiane Habti (@wld_basha) Bug Bounty2021-09-152023-06-13
2217Weaponizing Reflected XSS to Account Takeover XSS Account takeover NA Hassan Shahid (@pwnsauc3) Bug Bounty2021-09-162023-06-13
2216A Small Tale of Account Takeover … IDOR Account takeover NA Saugat Pokharel (@saugatpk5) Bug Bounty2021-09-162023-06-13
2196Bug-Bounty | FASTMAIL [pobox.com : account takeover] Account takeover Password reset Fastmail Mohammed ELdawody Bug Bounty2021-09-242023-06-13
2190Improper phone number validation to account takeover Logic flaw OTP bypass Account takeover NA shesha sai_c (@Cyb3r_4ss4s1n) Bug Bounty2021-09-272023-06-13
2160Account Takeover — Story of 2 same issues in a single program but different sub-domains. Account takeover NA Himanshu Pdy (@himanshu_pdy) Bug Bounty2021-10-102023-06-13