Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 320 | Improper Authentication in Android App | Logic flaw, Authentication flaw, HTTP response manipulation | NA | oXnoOneXo | Bug Bounty | 2023-03-10 | 2023-06-13 |
| 319 | Bugging Out: My Experience of Earning $300 for Reporting an Unexpected Bug | Subdomain takeover | NA | Charlie : The Hacker | Bug Bounty | 2023-03-10 | 2023-06-13 |
| 318 | CVE-2022-36413 Unauthorized Reset Password of Zoho ManageEngine ADSelfService Plus | Password reset, OTP bruteforce, Account takeover, Authentication bypass | Zoho (ManageEngine) | Sky | Bug Bounty | 2023-03-10 | 2023-06-13 |
| 317 | Account Takeover: An Epic Bug Bounty Story | Account takeover, Self-XSS, Pre-account takeover | NA | Jaydev Ahire | Bug Bounty | 2023-03-11 | 2023-06-13 |
| 316 | [Netflix][Smart TV] — Chaining Self-XSS with Session poisoning. | Self-XSS, Cookie injection, Session management issue | Netflix | Lyubomir Tsirkov (@lyubo_tsirkov) | Bug Bounty | 2023-03-11 | 2023-06-13 |
| 314 | The story of how I was able to chain SSRF with Command Injection Vulnerability | SSRF, OS command injection, RCE | NA | Raj Qureshi (@RajQureshi9) | Bug Bounty | 2023-03-12 | 2023-06-13 |
| 313 | P1 Vulnerability by Bypassing the membership payment page | Payment bypass | NA | Viktor Mares | Bug Bounty | 2023-03-12 | 2023-06-13 |
| 311 | How I Leak Other’s Access Token by Exploiting Evil Deeplink Flaw | Insecure deeplink, Android, Account takeover | NA | Crisdeo Nuel Siahaan | Bug Bounty | 2023-03-13 | 2023-06-13 |
| 309 | Veeam Backup and Replication CVE-2023-27532 Deep Dive | Local Privilege Escalation | Veeam | James Horseman (@JamesHorseman2) | Bug Bounty | 2023-03-13 | 2023-06-13 |
| 307 | Hacking the Docker Registry with Burp Suite | Docker Registry | NA | H1Xploit (@H1Xploit) | Bug Bounty | 2023-03-14 | 2023-06-13 |
| 306 | Your Browser is Not a Safe Space | Local Privilege Escalation, Lateral movement | NA | Corey Ham | Bug Bounty | 2023-03-14 | 2023-06-13 |
| 305 | Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability | Privilege escalation, NTLM | Microsoft (Outlook) | Dominic Chell (@domchell) | Bug Bounty | 2023-03-14 | 2023-06-13 |
| 304 | Vulnerabilities in the TPM 2.0 reference implementation code | Memory corruption, Out-of-bounds Read, Out-of-bounds Write | Microsoft, VMware, Google, IBM, Lenovo, Qemu, Nuvoton, Trusted Computing Group, STMicroelectronics, Aruba Networks, CERT/CC, libtpms | Francisco Falcon (@fdfalcon) | Bug Bounty | 2023-03-14 | 2023-06-13 |
| 303 | Producing a POC for CVE-2022-42475 (Fortinet RCE) | Memory corruption, RCE, Integer overflow, Heap overflow | Fortinet | Alain Mowat (@plopz0r) | Bug Bounty | 2023-03-14 | 2023-06-13 |
| 302 | CVE-2023–24625 / IDOR in Faveo Service Desk | IDOR | Faveo | cupc4k3 | Bug Bounty | 2023-03-14 | 2023-06-13 |
| 299 | Backend Parameter Injection --> RCE | RCE, HTTP parameter pollution, OS command injection | NA | Austin (@systemdumb) | Bug Bounty | 2023-03-14 | 2023-06-13 |
| 297 | LFI - An Interesting Tweak | LFI | NA | Jerry Shah (@Jerry) | Bug Bounty | 2023-03-15 | 2023-06-13 |
| 296 | Emotional Rollercoaster: A Unique Case Study of Bypassing Antivirus and Firewall by Abusing PostgreSQL | RCE, Old components with known vulnerabilities | NA | Yousef Amery (@YousefAmery) | Bug Bounty | 2023-03-15 | 2023-06-13 |
| 295 | Bypassing Character Limit - XSS Using Spanned Payload | XSS, Account takeover | NA | SMHTahsin33 (@SMHTahsin33) | Bug Bounty | 2023-03-15 | 2023-06-13 |
| 294 | OAuth 2.0 Authentication Misconfiguration | OAuth, Account takeover, Open redirect, Token leak | NA | Mohamed Lakhdar Metidji (@minometidjii) | Bug Bounty | 2023-03-16 | 2023-06-13 |
| 291 | SSRF Cross Protocol Redirect Bypass | SSRF | NA | Szymon Drosdzol | Bug Bounty | 2023-03-16 | 2023-06-13 |
| 290 | How I chained multiple High-impact vulnerabilities to create a critical one. | Account takeover, IDOR, OTP bypass, HTTP response manipulation | NA | Vinay Jagetiya (@princej_76) | Bug Bounty | 2023-03-17 | 2023-06-13 |
| 288 | Directory Traversal and LFI worth $400 | Path traversal | NA | Hritik Thapa | Bug Bounty | 2023-03-17 | 2023-06-13 |
| 286 | Remote code execution in BIRT Viewer ≤ 4.12.0 (CVE-2023-0100) | RCE, RFI, URL validation bypass, Security code review | Eclipse Foundation | Louis Wolfers (@TG91aXMK) | Bug Bounty | 2023-03-17 | 2023-06-13 |
| 285 | Account Takeover with rate limit bypass | Rate limiting bypass, Account takeover | NA | Shamim Ahamed (@itm4n) | Bug Bounty | 2023-03-18 | 2023-06-13 |