Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 2200 | Super Admin panel without Credentials 😎 | Authentication bypass | NA | Rizwan_siddiqui (@Rizwan_SiDdiqu1) | Bug Bounty | 2021-09-22 | 2023-06-13 |
| 2199 | Pwn2Own 2021: Parallels Desktop Guest To Host Escape | VM escape | Parallels | Benjamin McBride (@bdmcbri) | Bug Bounty | 2021-09-23 | 2023-06-13 |
| 2198 | Facebook Messenger for MacOS contained valid hardcoded FB access token (employee's token?) | Hardcoded credentials | Meta / Facebook | Dzmitry Lukyanenka (@vulnano) | Bug Bounty | 2021-09-23 | 2023-06-13 |
| 2197 | Bug-Bounty \| FASTMAIL [topicbox.com: Privileges Escalation > Organization Takeover] | Privilege escalation, Logic flaw | Fastmail | Mohammed ELdawody | Bug Bounty | 2021-09-24 | 2023-06-13 |
| 2196 | Bug-Bounty \| FASTMAIL [pobox.com : account takeover] | Account takeover, Password reset | Fastmail | Mohammed ELdawody | Bug Bounty | 2021-09-24 | 2023-06-13 |
| 2195 | $8,000 Bug Bounty Highlight: XSS to RCE in the Opera Browser | XSS, RCE | Opera | Renwa (@RenwaX23) | Bug Bounty | 2021-09-24 | 2023-06-13 |
| 2194 | Disclosure of three 0-day iOS vulnerabilities and critique of Apple Security Bounty program | Information disclosure, Local Privilege Escalation, Privacy issue | Apple | Denis Tokarev / illusionofchaos | Bug Bounty | 2021-09-24 | 2023-06-13 |
| 2193 | Remote Command Execution in Visual Studio Code Remote Development Extension | RCE | Microsoft | Abdel Adim `smaury` Oisfi (@smaury92) | Bug Bounty | 2021-09-24 | 2023-06-13 |
| 2192 | Telegram bug in terminated sessions | Session expiration issue | Telegram | Hackintosh5 | Bug Bounty | 2021-09-24 | 2023-06-13 |
| 2191 | Attack Surface Analysis - Part 3 - Resurrected Code Execution | RCE | NA | Parsia Hackerman (@cryptogangsta) | Bug Bounty | 2021-09-26 | 2023-06-13 |
| 2190 | Improper phone number validation to account takeover | Logic flaw, OTP bypass, Account takeover | NA | shesha sai_c (@Cyb3r_4ss4s1n) | Bug Bounty | 2021-09-27 | 2023-06-13 |
| 2189 | CVE-2021-39246 – Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack excessive verbose logging – Windows, macOS, Linux | Verbose logging | Tor | sickcodes (@sickcodes) | Bug Bounty | 2021-09-27 | 2023-06-13 |
| 2188 | Bypass of biometrics & password security functionality for Android | Authentication bypass, Android | CoinDCX | Dheeraj Madhukar (@Dheerajmadhukar) | Bug Bounty | 2021-09-27 | 2023-06-13 |
| 2187 | DeepSurface Security Advisory: LPE in Firefox on Windows | Local Privilege Escalation | Mozilla | Robert Chen | Bug Bounty | 2021-09-28 | 2023-06-13 |
| 2186 | Zero-Day: Hijacking iCloud Credentials with Apple Airtags (Stored XSS) | Stored XSS | Apple | Bobby Rauch / Bobbyr | Bug Bounty | 2021-09-28 | 2023-06-13 |
| 2185 | "A tale of making internet pollution free" - Exploiting Client-Side Prototype Pollution in the wild | Prototype pollution, XSS | Apple Atlassian Mozilla HubSpot Segment Analytics | Sergey Bobrov (@black2fan) | Bug Bounty | 2021-09-28 | 2023-06-13 |
| 2184 | Telegram users' privacy has been violated again. Messenger representatives demand not to disclose details | Privacy issue | Telegram | ne555 | Bug Bounty | 2021-09-29 | 2023-06-13 |
| 2183 | Force Browsing bug at Facebook business plan ($500 Bounty) | Authorization flaw, Forced browsing | Meta / Facebook | Dewanand Vishal (@dewcode91) | Bug Bounty | 2021-09-29 | 2023-06-13 |
| 2181 | How I found bug on Google Cloud | OTP bypass | Google | Anuragbhoir11 | Bug Bounty | 2021-09-30 | 2023-06-13 |
| 2180 | Expect The Unexpected: Discovering fresh ZeroDay for Bounty | Logic flaw, Information disclosure | NA | Sina Kheirkhah (@SinSinology) | Bug Bounty | 2021-09-30 | 2023-06-13 |
| 2179 | Ping'ing XMLSec | XSLT, XXE | Ping Netflix Paypal | An Trinh (@_tint0) | Bug Bounty | 2021-09-30 | 2023-06-13 |
| 2178 | vScalation (CVE-2021-22015)- Local Privilege Escalation in VMware vCenter | Local Privilege Escalation | VMware | Yuval Lazar | Bug Bounty | 2021-11-30 | 2023-06-13 |
| 2177 | Privilege Escalation to stored XSS | Privilege escalation, HTTP response manipulation, Stored XSS | NA | Rohit Kumar (Rohit_443) | Bug Bounty | 2021-10-01 | 2023-06-13 |
| 2176 | The Discovery Of Gatekeeper Bypass CVE-2021-1810 | Logic flaw | Apple | Rasmus Sten (@pajp) | Bug Bounty | 2021-10-01 | 2023-06-13 |
| 2175 | Pre-Auth SSRF To Full MailBox Access (Microsoft Exchange Server Exploit) | SSRF | NA | Vanshal Gaur (@VanshalG) | Bug Bounty | 2021-10-02 | 2023-06-13 |