Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
124Privilege Escalations through Integrations Privilege escalation Amazon cognito misconfiguration JWT Account takeover NA Colin McQueen Bug Bounty2023-05-042023-06-13
122A smorgasbord of a bug chain: postMessage, JSONP, WAF bypass, DOM-based XSS, CORS, CSRF… postMessage JSONP DOM XSS CORS misconfiguration CSRF WAF bypass NA Julien Cretel (@jub0bs) Bug Bounty2023-05-052023-06-13
121Cookie Bugs - Smuggling & Injection Cookie smuggling Cookie injection Eclipse Foundation (Jetty) Ankur Sundara (@ankursundara) Bug Bounty2023-05-052023-06-13
119Mass Assignment leads to the victim’s account being inaccessible forever Mass assignment Logic flaw NA Arman (@M7arm4n) Bug Bounty2023-05-052023-06-13
118CSS Injection via PostMessages to stealing Credit Card Info postMessage CSS injection NA Castilho (@castilho101) Bug Bounty2023-05-052023-06-13
115How I discovered XSS via triple URL encode XSS WAF bypass NA Muhammed Mubarak Bug Bounty2023-05-072023-06-13
114How a simple Directory Listing leads to PII Data Leakage, Remote Code Execution and many more vulnerabilities on a HR management subdomain RCE Unrestricted file upload Stored XSS Information disclosure Directory listing NA Aayush Vishnoi (@AayushVishnoi10) Bug Bounty2023-05-072023-06-13
113IPv6 DNS Takeover via mitm6 (Write Up) MiTM IPv6 DNS takeover Misconfigured LDAP server Internal pentest NA Evan Ricafort (@evanricafort) Bug Bounty2023-05-082023-06-13
112Sorting Your Way to Stolen Passwords Bruteforce Cryptographic issues NA Nightbane (@Nightbanes) Bug Bounty2023-05-082023-06-13
110A deep-dive on Pluck CMS vulnerability CVE-2023-25828 Unrestricted file upload RCE Security code review Pluck CMS Matthew Hogg Bug Bounty2023-05-082023-06-13
109PwnAssistant - Controlling /home%27s Via A Home Assistant RCE Authentication bypass RCE Security code review IoT Home Assistant elttam (@elttam) Bug Bounty2023-05-092023-06-13
106RCE due to Dependency Confusion — $5000 bounty! Dependency confusion RCE NA Chevon Phillip (@ChevonPhillip) Bug Bounty2023-05-102023-06-13
104Bypass IIS Authorisation with this One Weird Trick - Three RCEs and Two Auth Bypasses in Sitecore 9.3 RCE Authorization bypass Security code review Sitecore Dylan Pindur Bug Bounty2023-05-102023-06-13
101Rendezvous with a Chatbot: Chaining Contextual Risk Vulnerabilities Chatbot Websockets Cross-Site WebSocket Hijacking (CSWH) Captcha bypass NA Abeer Banerjee (@bugasur) Bug Bounty2023-05-112023-06-13
100Discovering a Hidden Security Loophole: Rent luxury Cars for a Single Dollar Payment tampering NA Yash Sancheti Bug Bounty2023-05-122023-06-13
99One Bug at a Time: I failed my quiz on purpose to get $1,000! IDOR NA atomiczsec (@atomiczsec) Bug Bounty2023-05-122023-06-13
97Container security: Infecting images to establish backdoors Container security Kubernetes NA Emilien Socchi (@emiliensocchi) Bug Bounty2023-05-122023-06-13
96CS:GO: From Zero to 0-day Game hacking RCE Memory corruption Arbitrary file download Arbitrary file write DLL Hijacking Privilege Escalation Valve (CS:GO) Felipe Bug Bounty2023-05-132023-06-13
95CVE-2023-26818 - Bypass TCC with Telegram in macOS TCC bypass Local Privilege Escalation Apple (macOS) Dan Revah (@danrevah) Bug Bounty2023-05-152023-06-13
90Avast Anti-Virus privileged arbitrary file create on virus restore (CVE-2023-1586) TOCTOU Arbitrary file write Local Privilege Escalation Avast NortonLifeLock Denis Skvortcov (@Denis_Skvortcov) Bug Bounty2023-05-152023-06-13
89Bypassing open redirect protection site-wide on web2py applications Open redirect Regex Web2py Mohamed Dief (@DemoniaSlash) Bug Bounty2023-05-152023-06-13
86Hardcore RCE via directory name for $3.000 RCE OS command injection Security code review NA Lev Shmelev Bug Bounty2023-05-162023-06-13
85From GitHub To Account Takeover: Misconfigured Actions Place GCP & AWS Accounts At Risk Account takeover Cloud OpenID Connect CI/CD NA Rezonate Bug Bounty2023-05-162023-06-13
84From DA to EA with ESC5 Active Directory Privilege Escalation Internal pentest NA Andy Robbins (@_wald0) Bug Bounty2023-05-172023-06-13
83DOS via cache poisoning Web cache deception DoS NA Allam Rachid (@blank_cold) Bug Bounty2023-05-172023-06-13