Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 2069 | Write Up – Apple N/A: PII Information, Full Contact List, Main Phone No. And Main Icloud Email Extracted; Bug Patched: Arbitrary Local File Read Via Zip File And Symlinks On Ios Files App. | Arbitrary file read | Apple | Omar Espino (@omespino) | Bug Bounty | 2021-11-17 | 2023-06-13 |
| 2068 | CVE-2021-42306 CredManifest: App Registration Certificates Stored in Azure Active Directory | Information disclosure | Microsoft | Karl Fosaaen (@kfosaaen) | Bug Bounty | 2021-11-17 | 2023-06-13 |
| 2067 | URL whitelist bypass in https://cxl-services.appspot.com | Privilege escalation, URL validation bypass, SSRF | Google | David Schütz (@xdavidhu) | Bug Bounty | 2021-11-17 | 2023-06-13 |
| 2066 | A common defect in java system-Memory DoS (include CVE-2021-2344, CVE-2021-2371, CVE-2021-2376, CVE-2021-2378) | DoS | Oracle | threedr3am (@threedr3am1) | Bug Bounty | 2021-11-18 | 2023-06-13 |
| 2065 | A Story of an Epic Blind Remote Code Execution(RCE) | RCE, OS command injection | NA | Akash Solanki (@MAALP1225) | Bug Bounty | 2021-11-18 | 2023-06-13 |
| 2064 | How I accidentally hacked many companies using N/A vulnerability in Atlassian Cloud | Information disclosure, Authentication flaw | Atlassian | Valeriy Shevchenko (@Krevetk0Valeriy) | Bug Bounty | 2021-11-19 | 2023-06-13 |
| 2063 | Exploiting OAuth: Journey to Account Takeover | Account takeover, OAuth, XSS, Weak CSP, CSRF | NA | Aditya Dixit (@zombie007o) | Bug Bounty | 2021-11-19 | 2023-06-13 |
| 2062 | Hacking Apple Security Report System | Logic flaw, Social engineering | Apple | HackrzVijay (@hackrzvijay) | Bug Bounty | 2021-11-20 | 2023-06-13 |
| 2061 | Open Redirect Vulnerability On Zapier: An Accidental Find | Open redirect | Zapier | Monish Basaniwal | Bug Bounty | 2021-11-21 | 2023-06-13 |
| 2060 | Peeping through a Web-Socket | Cross-Site Websocket Hijacking (CSWH) | NA | Aditya Verma (@0cirius0) | Bug Bounty | 2021-11-21 | 2023-06-13 |
| 2059 | [BugBounty] XSS with Markdown — Exploit & Fix on OpenSource | XSS | NA | Lê Thành Phúc | Bug Bounty | 2021-11-22 | 2023-06-13 |
| 2058 | GoSecure Investigates Abusing Windows Server Update Services (WSUS) to Enable NTLM Relaying Attacks | Local Privilege Escalation | Microsoft | Romain Carnus | Bug Bounty | 2021-11-22 | 2023-06-13 |
| 2057 | A business logic error bug worth 600$ | Payment tampering | NA | Deep Patidar (@itsdeepceh) | Bug Bounty | 2021-11-23 | 2023-06-13 |
| 2056 | Moodle Blind SQL injection via MNet authentication | SQL injection | Moodle | rekter0 (@rekter0) | Bug Bounty | 2021-11-23 | 2023-06-13 |
| 2055 | Finding XSS on .apple.com and building a proof of concept to leak your PII information | XSS | Apple | Zseano (@zseano) | Bug Bounty | 2021-11-23 | 2023-06-13 |
| 2054 | ModSecurity DoS Vulnerability in JSON Parsing (CVE-2021-42717) | DoS | ModSecurity | theMiddle (@AndreaTheMiddle) | Bug Bounty | 2021-11-24 | 2023-06-13 |
| 2053 | Account Takeover in $Million Company? | Account takeover, Password reset | Fastmail | 0xGodson (@0xGodson_) | Bug Bounty | 2021-11-24 | 2023-06-13 |
| 2052 | Multiple Vulnerabilities In Concrete CMS – Part2 (PrivEsc/SSRF/etc) | Privilege escalation, SSRF | Concrete CMS | FORTBRIDGE (@FORTBRIDGE1) | Bug Bounty | 2021-11-25 | 2023-06-13 |
| 2051 | Unauthenticated Sensitive Information Disclosure at [REDACTED] | Old components with known vulnerabilities, Information disclosure | NA | Rizaldi Wahaz (@wah_haz) | Bug Bounty | 2021-11-25 | 2023-06-13 |
| 2050 | How I Found My First XSS Bug | XSS | Atlassian | Thedarkwayg (@shadow_CLAY) | Bug Bounty | 2021-11-25 | 2023-06-13 |
| 2049 | RocketChat - Monitor User Messages | Authorization flaw | Rocket.Chat | Rojan Rijal (@uraniumhacker) | Bug Bounty | 2021-11-25 | 2023-06-13 |
| 2048 | WordPress Plugin Confusion: How an update can get you pwned | Supply chain attack, WordPress plugin confusion, WordPress theme confusion | NA | Kamil Vavra (@vavkamil) | Bug Bounty | 2021-11-25 | 2023-06-13 |
| 2047 | SSD Advisory – Chrome Ad Heavy Bypass (via history.back()) | Browser hacking | Google (Chrome) | Alesandro Ortiz (@AlesandroOrtizR) | Bug Bounty | 2021-11-26 | 2023-06-13 |
| 2046 | How I got my first bounty on financial sector gateway site by using Previous GraphQL vulnerabilities. | Information disclosure, GraphQL | NA | Night Hawk | Bug Bounty | 2021-11-26 | 2023-06-13 |
| 2045 | SEC-596 | Reflected XSS | cPanel | sh1yo (@sh1yo_) | Bug Bounty | 2021-11-29 | 2023-06-13 |