Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
2450PII Leakage - Revealing Secrets Information disclosure NA Jerry Shah (@Jerry) Bug Bounty2021-06-252023-06-13
2449From Information Disclosure to interesting Privilege Escalation Information disclosure Account takeover Privilege escalation NA David Shaul (@dudy2kk) Bug Bounty2021-06-252023-06-13
2424Facebook Email/phone disclosure using Binary search Password reset Information disclosure Bruteforce Meta / Facebook Rikesh Baniya / NotRickyy (@rikeshbaniya) Bug Bounty2021-07-092023-06-13
2420Critical Bug Bounty Reports: Part 1 Account takeover Password reset RCE Information disclosure NA Greg Gibson Bug Bounty2021-07-112023-06-13
2415Part 2: Dive into Zoom Applications CSRF Account takeover Information disclosure Session expiration issue Authorization flaw Logic flaw Zoom Rakesh Thodupunoori (@rakesh_3895) Bug Bounty2021-07-132023-06-13
2404IIS-Default-Page-to-Information-Disclosure Information disclosure NA 0xdln (@0xdln) Bug Bounty2021-07-172023-06-13
2399Hacking Xiaomi%27S Android Apps - Part 1 Android Information disclosure Open redirect Privacy issue Xiaomi Ameya (@iamTakeMyHand) Bug Bounty2021-07-192023-06-13
2387Not valid bug that leads to us a multiple Valid Report in Facebook Information disclosure Meta / Facebook Kent Jarold Abulag (@wkemenhehehegsg) Bug Bounty2021-07-252023-06-13
2384Bug Chain leads to Mass Account Takeover! Information disclosure Password reset Account takeover NA Shubhayu Majumdar (@shubhayu64) Bug Bounty2021-07-262023-06-13
2375Information Disclosure to Account Takeover Information disclosure OAuth Account takeover Authentication bypass NA Sunil Yedla (@sunilyedla2) Bug Bounty2021-07-282023-06-13
2370Gaining Access To GCP Of Google Stadia — 500$ Bounty Information disclosure Google Sebastien Kaul Bug Bounty2021-07-292023-06-13
2360The journey from Google Honorable Mention to Hall of Fame. Referer leakage Information disclosure Password reset Google Akash basnet (@noneofyou007) Bug Bounty2021-08-012023-06-13
2357Bug bounty - PHI/PII critical data exposure Information disclosure NA Molx32 Bug Bounty2021-08-012023-06-13
2350How I Scored 1K Bounty Using Waybackurls Information disclosure NA Sicksec (@OriginalSicksec) Bug Bounty2021-08-022023-06-13
2319CVE-2021-22929 – Brave Browser 1.27 and below permanently logs the server connection time for all v2 tor domains to ~/.config/BraveSoftware /Brave-Browser/tor/data/tor.log Privacy issue Information disclosure Brave Software sickcodes (@sickcodes) Bug Bounty2021-08-162023-06-13
2313Account Takeover via Access Token Leakage IDOR Information disclosure Account takeover NA Tuhin Bose (@tuhin1729_) Bug Bounty2021-08-192023-06-13
2312Disclose WhatsApp Number of Instagram Accounts Despite Setting Set to be Hidden Information disclosure Logic flaw Meta / Facebook Naveen (@NaveenHax) Bug Bounty2021-08-192023-06-13
2308How I was able to get 1000$ bounty from a ds-store file? Information disclosure Debugging enabled NA Khaled Mohamed (@0xElkomy) Bug Bounty2021-08-212023-06-13
2302By Design: How Default Permissions on Microsoft Power Apps Exposed Millions Information disclosure Microsoft UpGuard Team (@upguard) Bug Bounty2021-08-232023-06-13
2300[$5K] Misconfigured Reset password that leads to Account Takeover (No user Interaction ATO) Account takeover Password reset Information disclosure NA Aditya Sharma (@Assass1nmarcos) Bug Bounty2021-08-242023-06-13
2296Vulnerability in Bumble dating app reveals any user%27s exact location Information disclosure Logic flaw Bumble Robert Heaton (@RobJHeaton) Bug Bounty2021-08-252023-06-13
2290Oauth client secret leak and possible IDOR leading to PII Disclosure IDOR OAuth Information disclosure NA Monke (@pmofcats) Bug Bounty2021-08-262023-06-13
2286Exploiting Devops -Leak Source codes Information disclosure NA Shivbihari Pandey (@ninja_pandit_) Bug Bounty2021-08-282023-06-13
2282Information disclosure via api misconfiguration Information disclosure NA Rizwan_siddiqui (@Rizwan_SiDdiqu1) Bug Bounty2021-08-292023-06-13
2266Hacking Dutch Government For a lousy T-shirt IDOR Information disclosure Dutch Government Veshraj Ghimire (@GhimireVeshraj) Bug Bounty2021-09-022023-06-13