Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1887 | Technical Analysis of CVE-2022-22583: Bypassing macOS System Integrity Protection (SIP) | MacOS SIP bypass | Apple | Perception Point | Bug Bounty | 2022-01-27 | 2023-06-13 |
| 1886 | CVE-2020-0696 - Microsoft Outlook Security Feature Bypass Vulnerability | URL validation bypass | Microsoft | Reegun Jayapaul (@reegun21) | Bug Bounty | 2022-01-27 | 2023-06-13 |
| 1885 | Stealing administrative JWT's through post auth SSRF (CVE-2021-22056) | Windows Driver hacking Kernel DoS | VMware | Christopher (@Kharosx0) | Bug Bounty | 2022-01-27 | 2023-06-13 |
| 1884 | The Story of an RCE on a Java Web Application | Insecure deserialization | NA | LIL NIX (@Lil__Nix) | Bug Bounty | 2022-01-27 | 2023-06-13 |
| 1883 | Bypassing SSRF Protection to Exfiltrate AWS Metadata from LarkSuite | SSRF | Lark Technologies | SirLeeroyJenkins (@SirLeeroyJenkin) | Bug Bounty | 2022-01-28 | 2023-06-13 |
| 1882 | The Story of a RCE on a Java Web Application | RCE Insecure deserialization | NA | LIL NIX (@Lil__Nix) | Bug Bounty | 2022-01-28 | 2023-06-13 |
| 1881 | Command Injection in Google Cloud Shell | RCE OS command injection | Google | Ademar Nowasky Junior | Bug Bounty | 2022-01-28 | 2023-06-13 |
| 1880 | Multiple HTTP Redirects to Bypass SSRF Protections | SSRF | NA | ne555 | Bug Bounty | 2022-01-29 | 2023-06-13 |
| 1879 | Paytm-Broken Link Hijacking | Broken link hijacking | Paytm | Lohith Gowda M (@lohigowda_in) | Bug Bounty | 2022-01-29 | 2023-06-13 |
| 1878 | How I Made $16,500 Hacking CDN Caching Servers — Part 1 | Web cache poisoning Stored XSS Web cache deception | NA | Kevin (@bxmbn) | Bug Bounty | 2022-01-29 | 2023-06-13 |
| 1877 | How I hacked my way to the top of DARPA’s hardware bug bounty | Hardware hacking | DARPA FETT | Malcolm Stagg (@malcolmst) | Bug Bounty | 2022-01-30 | 2023-06-13 |
| 1876 | 2fa Bypass by changing Request method | MFA bypass | NA | Arth Bajpai (@arth_bajpai) | Bug Bounty | 2022-01-30 | 2023-06-13 |
| 1875 | XSS via X-Forwarded-Host header | XSS Host header injection | Omise | Abhijeet Biswas (@abhijeetbiswas_) | Bug Bounty | 2022-01-30 | 2023-06-13 |
| 1874 | Access Control Violation – Wiki Page Creation | Authorization flaw | NA | Nick Berrie (@machevalia) | Bug Bounty | 2022-01-30 | 2023-06-13 |
| 1873 | Stored Cross-Site Scripting in MediaWiki | Stored XSS | NA | Nick Berrie (@machevalia) | Bug Bounty | 2022-01-28 | 2023-06-13 |
| 1872 | Remote Code Execution in .tgz File Upload | RCE Unrestricted file upload | NA | Nick Berrie (@machevalia) | Bug Bounty | 2022-01-30 | 2023-06-13 |
| 1871 | Missing rate-limiting. How I was able to add any unowned phone number to my Facebook account? (Bounty: 5000 USD) | OTP bruteforce Lack of rate limiting | Meta / Facebook | Shubham Bhamare (@theshubh77) | Bug Bounty | 2022-01-31 | 2023-06-13 |
| 1870 | Microsoft OneDrive For Macos Local Privilege Escalation | Local Privilege Escalation MacOS | Microsoft | Offensive Security (@offsectraining) | Bug Bounty | 2022-01-31 | 2023-06-13 |
| 1869 | Hacking Google Drive Integrations | SSRF | Dropbox | Harsh Jaiswal (@rootxharsh) | Bug Bounty | 2022-01-31 | 2023-06-13 |
| 1868 | How I approached Dependency Confusion! | Dependency confusion | NA | Aditya Soni (@hetroublemakr) | Bug Bounty | 2022-02-01 | 2023-06-13 |
| 1867 | A story of leaking uninitialized memory from Fastly HTTP/3 | Memory leak Information disclosure | Fastly | Emil Lerner (@emil_lerner) | Bug Bounty | 2022-02-01 | 2023-06-13 |
| 1866 | A Peculiar Case of XSS and my first bug | XSS | Bentley Systems | Aman Pareek (@aman_notsogreat) | Bug Bounty | 2022-02-01 | 2023-06-13 |
| 1865 | CVE-2021-44142: Details On A Samba Code Execution Bug Demonstrated At Pwn2Own Austin | Memory corruption RCE | NA | Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) | Bug Bounty | 2022-02-01 | 2023-06-13 |
| 1864 | IDOR vulnerability on invoice and weak password reset leads to account take over | IDOR Password reset Account takeover Payment tampering Logic flaw | NA | Damaidec | Bug Bounty | 2022-02-01 | 2023-06-13 |
| 1863 | No Rate Limiting on OTP sending | Bruteforce Lack of rate limiting | NA | nOOb_mAsTeR | Bug Bounty | 2022-02-02 | 2023-06-13 |