Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
1989Yes, fun browser extensions can have vulnerabilities too! XSS Browser extension hacking postMessage Meow Wladimir Palant (@WPalant) Bug Bounty2021-12-202023-06-13
1988Stored XSS by bypassing signature XSS Unrestricted file upload NA Abdulrahman Makki (@AMakki1337) Bug Bounty2021-12-202023-06-13
1987How I was able to reveal page admin of almost any page on Facebook IDOR Meta / Facebook Sudip Shah Bug Bounty2021-12-202023-06-13
1986RCE in Visual Studio Code%27s Remote WSL for Fun and Negative Profit RCE Microsoft Parsia Hackerman (@cryptogangsta) Bug Bounty2021-12-202023-06-13
1985Blackbox Cookie Testing — How I Cracked The Admin’s Cookie Authentication bypass NA Saeed Balquizi Bug Bounty2021-12-202023-06-13
1984Bring Your Own SSRF – The Gateway Actuator SSRF DoS NA Wyatt Dahlenburg (@wdahlenb) Bug Bounty2021-12-202023-06-13
1983How I earned $$$ by bypassing 2FA MFA bypass Forced browsing NA Mohamed Taha (@Mohamed12742780) Bug Bounty2021-12-212023-06-13
1982SSD Advisory – Rocket.Chat Client-side Remote Code Execution RCE MacOS Rocket.Chat - Bug Bounty2021-12-212023-06-13
1981How I found (P2) Broken Authentication with Zero Skill of Hacking Authentication bypass Account takeover NA yoshi m lutfi (@yoshiahmadlutfi) Bug Bounty2021-12-212023-06-13
1980NotLegit: Azure App Service vulnerability exposed hundreds of source code repositories Security misconfiguration .git folder disclosure Microsoft Wiz (@wiz_io) Bug Bounty2021-12-212023-06-13
1979Sandbox escape + privilege escalation in StorePrivilegedTaskService Local Privilege Escalation MacOS Apple Sector 7 (@sector7_nl) Bug Bounty2021-12-212023-06-13
1978How I was able to bypass WAF and find the origin IP and a few sensitive files WAF bypass NA Jan Muhammad Zaidi (@hasanakajan) Bug Bounty2021-12-222023-06-13
1977MS Teams: 1 feature, 4 vulnerabilities SSRF Information disclosure DoS Spoofing Microsoft Fabian Bräunlein Bug Bounty2021-12-222023-06-13
1976Cache Poisoning at Scale Web cache poisoning GitHub GitLab HackerOne Shopify Cloudflare Youstin (@iustinBB) Bug Bounty2021-12-232023-06-13
1975How I found (and fixed) a vulnerability in Python Web cache poisoning Python Adam Goldschmidt (@AdamGolds) Bug Bounty2021-12-242023-06-13
1974Information Disclosure leads to sensitive credential($$$) Information disclosure NA khan mamun (@mamunwhh) Bug Bounty2021-12-252023-06-13
1973Massive Users Account Takeovers(Chaining Vulnerabilities to IDOR)😲 Authentication bypass IDOR Lack of rate limiting NA Anurag__Verma Bug Bounty2021-12-252023-06-13
1972How I Saved Christmas for Google 🎄 Dependency confusion Google (Waze) 0xdroopy (@NikhilK50866227) Bug Bounty2021-12-252023-06-13
1971Turning bad SSRF to good SSRF: Websphere Portal SSRF HCL Technologies Shubham Shah (@infosec_au) Bug Bounty2021-12-262023-06-13
1970How I Bypassed Netflix Profile Lock? Logic flaw Netflix Krishnadev P Melevila (@Krishnadev_P_M) Bug Bounty2021-12-272023-06-13
1969XSS via file upload XSS Unrestricted file upload NA Jay Sharma Bug Bounty2021-12-272023-06-13
1968Bi/ug Bounties and HyperV RCE Research RCE Microsoft Hyper-V Peter Hlavaty (@rezer0dai) Bug Bounty2021-12-272023-06-13
1967Common Nginx Misconfiguration leads to Path Traversal Path traversal NA MikeChan Bug Bounty2021-12-282023-06-13
1966Bounty Evaluation GitHub = $15,000 US Dollars | Rate Limit Bruteforce Email verification bypass Account takeover GitHub Taniya Agarwal Bug Bounty2021-12-282023-06-13
1965Full account takeover vulnerability in Minecraft Account takeover Minecraft Abdulrahman Makki (@AMakki1337) Bug Bounty2021-12-282023-06-13