Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 2360 | The journey from Google Honorable Mention to Hall of Fame. | Referer leakage, Information disclosure, Password reset | Google | Akash basnet (@noneofyou007) | Bug Bounty | 2021-08-01 | 2023-06-13 |
| 2359 | Multi Domain DOM Cross Site Scripting | DOM XSS | NA | Sam Paredes (@caffeinevulns) | Bug Bounty | 2021-08-01 | 2023-06-13 |
| 2358 | Blind XXE Leads to Internal Port Scanning Through SSRF | XXE, SSRF | NA | Sam Paredes (@caffeinevulns) | Bug Bounty | 2021-08-01 | 2023-06-13 |
| 2357 | Bug bounty - PHI/PII critical data exposure | Information disclosure | NA | Molx32 | Bug Bounty | 2021-08-01 | 2023-06-13 |
| 2356 | Tale of XSS in Angular | Reflected XSS | NA | Sicksec (@OriginalSicksec) | Bug Bounty | 2021-08-02 | 2023-06-13 |
| 2355 | Privilege Escalation \| stealing user’s point \| Bugcrowd | IDOR, Privilege escalation | NA | Abhind Abhi | Bug Bounty | 2021-08-02 | 2023-06-13 |
| 2354 | ~/BugBounty/IDOR/”How I was able to exfiltrate any user’s credit coupons” | IDOR | NA | Jai Sharma (@ja1sharma) | Bug Bounty | 2021-08-02 | 2023-06-13 |
| 2353 | how to be popular | CSRF, Type confusion | OkCupid | yan (@bcrypt) | Bug Bounty | 2021-08-02 | 2023-06-13 |
| 2351 | Detecting Jackson deserialization vulnerabilities with CodeQL | Insecure deserialization | GitHub | Artem Smotrakov (@artem_smotrakov) | Bug Bounty | 2021-08-02 | 2023-06-13 |
| 2350 | How I Scored 1K Bounty Using Waybackurls | Information disclosure | NA | Sicksec (@OriginalSicksec) | Bug Bounty | 2021-08-02 | 2023-06-13 |
| 2349 | How the use of hidden form fields lead to Email verification bypass | Email verification bypass, Client-side enforcement of server-side security | NA | Yash Swarup (@wazirsec) | Bug Bounty | 2021-08-03 | 2023-06-13 |
| 2348 | PostMessage Xss vulnerability on private program | XSS, postMessage | NA | Youghourta Ghannei (@YoughartaG) | Bug Bounty | 2021-08-03 | 2023-06-13 |
| 2347 | How I found Open Redirect on Hashnode.com | Open redirect | Hashnode | Jefferson Gonzales (@gonzxph) | Bug Bounty | 2021-08-05 | 2023-06-13 |
| 2346 | Account Takeover (User + Admin) Via Password Reset | Account takeover, Password reset, Logic flaw | NA | Hemant Patidar (@HemantSolo) | Bug Bounty | 2021-08-05 | 2023-06-13 |
| 2345 | Do you like to read? I can take over your Kindle with an e-book | Memory corruption, RCE, Local Privilege Escalation | Amazon | Slava Makkaveev | Bug Bounty | 2021-08-06 | 2023-06-13 |
| 2344 | How I got Reflected Cross Site Scripting(RXSS) on Manchester Metropolitan University | XSS | Manchester Metropolitan University | Santosh Bobade (@Santosh88267387) | Bug Bounty | 2021-08-07 | 2023-06-13 |
| 2340 | Size Matters — CVE-2021–0485 (High) | Local Privilege Escalation, Android | Google | Dimitrios Valsamaras (@Ch0pin) | Bug Bounty | 2021-08-07 | 2023-06-13 |
| 2339 | CVE-2021-0090: Intel Driver & Support Assistant (DSA) Elevation Of Privilege (EOP) | Local Privilege Escalation | Intel | bohops (@bohops) | Bug Bounty | 2021-08-07 | 2023-06-13 |
| 2338 | CVE-2021-25738 | RCE | Kubernetes | Jordy Versmissen / J0VSEC (@j0v0x0) | Bug Bounty | 2021-08-07 | 2023-06-13 |
| 2337 | What is BOLA? 3-digit bounty from Topcoder ($$$) | IDOR | Topcoder | can1337 (@canmustdie) | Bug Bounty | 2021-08-09 | 2023-06-13 |
| 2336 | Fuzzing + IDOR = Admin TakeOver | IDOR, Account takeover | NA | Gonzalo Carrasco (@0xCGonzalo) | Bug Bounty | 2021-08-09 | 2023-06-13 |
| 2335 | Multiple Vulnerabilities In cPanel/WHM | XXE, Stored XSS, Privilege escalation, CSRF, Cross-Site WebSocket Hijacking (CSWH) | cPanel | Adrian Tiron (@adrian__t) | Bug Bounty | 2021-08-10 | 2023-06-13 |
| 2334 | OVE-20210809-0001 Visual Studio Code .ipynb Jupyter Notebook XSS (Arbitrary File Read) | XSS, Arbitrary file read | Microsoft | Justin Steven (@justinsteven) | Bug Bounty | 2021-08-11 | 2023-06-13 |
| 2333 | How I Bought a £240.00 Annual Subscription for Bargain £0.01 | Payment tampering, Logic flaw | NA | Craig Hays (@craighays) | Bug Bounty | 2021-08-11 | 2023-06-13 |
| 2332 | Weaponizing Middleboxes for TCP Reflected Amplification | DoS | Check Point, Cisco, F5, Fortinet, Juniper, Netscout, Palo Alto, SonicWall, Sucuri | Kevin Bock | Bug Bounty | 2021-08-12 | 2023-06-13 |