Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1862 | My experience of Hacking The Dutch Government | XSS | Dutch Government | Phenomenal (@Chawla12111) | Bug Bounty | 2022-02-02 | 2023-06-13 |
| 1861 | A misconfigured Apache Airflow to AWS Account Compromise | Outdated component with a known vulnerability, Privilege escalation, Information disclosure | NA | Avinash Jain (@logicbomb_1) | Bug Bounty | 2022-02-02 | 2023-06-13 |
| 1860 | My first bounty, IDOR + Self XSS [€3000] | Self-XSS, IDOR | Intigriti | Ladecruze (@ladecruze) | Bug Bounty | 2022-02-02 | 2023-06-13 |
| 1859 | Abusing Facebooks `Call To Action` To Launch Internal Deeplinks | CSRF, Android, iOS | Meta / Facebook | Ashley King (@AshleyKingUK) | Bug Bounty | 2022-02-02 | 2023-06-13 |
| 1858 | How I Tracked You Around The Globe 🌎 | Information disclosure, Privacy issue | Google (Waze) | 0xdroopy (@NikhilK50866227) | Bug Bounty | 2022-02-02 | 2023-06-13 |
| 1857 | A technique to semi-automatically find vulnerabilities in WordPress plugins | XSS, SQL injection, Open redirect, CSRF | NA | kazet (@kazet1234) | Bug Bounty | 2022-02-03 | 2023-06-13 |
| 1856 | Malicious Kubernetes Helm Charts can be used to steal sensitive information from Argo CD deployments | Supply chain attack, CI/CD | Argo CD | Apiiro’s Security Research | Bug Bounty | 2022-02-03 | 2023-06-13 |
| 1855 | HigherLogic Community RCE Vulnerability | Insecure deserialization, RCE | 8x8, IBM | 0daystolive (@0daystolive) | Bug Bounty | 2022-02-03 | 2023-06-13 |
| 1854 | Solving DOM XSS Puzzles | DOM XSS | NA | Eugene Lim (@spaceraccoonsec) | Bug Bounty | 2022-02-03 | 2023-06-13 |
| 1853 | Write Up – Private Bug Bounty: RCE In EC2 Instance Via SSH With Private Key Exposed On Public Github Repository – $xx,000 USD | Information disclosure | NA | Omar Espino (@omespino) | Bug Bounty | 2022-02-03 | 2023-06-13 |
| 1852 | Bypassing the AWS WAF protection with an 8KB bullet | WAF bypass | AWS | Kloudle (@Kloudleinc) | Bug Bounty | 2022-02-03 | 2023-06-13 |
| 1851 | How I bypassed PHP functions to read sensitive files on server | Components with known vulnerabilities, RCE | NA | Kailash (@corrupted_brain) | Bug Bounty | 2022-02-04 | 2023-06-13 |
| 1850 | What Bypassing Razer's DOM-based XSS Patch Can Teach Us | DOM XSS | Razer | EdOverflow (@EdOverflow) | Bug Bounty | 2022-02-05 | 2023-06-13 |
| 1849 | Facebook Oauth bypass | OAuth | Meta / Facebook | abdellah yaala (@yaalaab) | Bug Bounty | 2022-02-05 | 2023-06-13 |
| 1848 | How I found a critical P1 bug in 5 minutes using a cellphone — Bug Bounty | SQL injection | NA | Mr Empy (@mr_empy) | Bug Bounty | 2022-02-06 | 2023-06-13 |
| 1847 | Auth Bypass in com.google.android.googlequicksearchbox | Authentication bypass | Google | David Schütz (@xdavidhu) | Bug Bounty | 2022-02-06 | 2023-06-13 |
| 1846 | Auth Bypass in Google Assistant | Information disclosure, Authentication bypass | Google | David Schütz (@xdavidhu) | Bug Bounty | 2022-02-06 | 2023-06-13 |
| 1845 | Insecure Bootstrap Process in Oracle Cloud CLI | Supply chain attack | Oracle | Nightwatch Cybersecurity (@nightwatchcyber) | Bug Bounty | 2022-02-06 | 2023-06-13 |
| 1844 | How can I access the members-only video comment? \| YouTube ($5,000) | Broken Access Control | Google | R ando (@Rando02355205) | Bug Bounty | 2022-02-07 | 2023-06-13 |
| 1843 | What I Found on Sony Vulnerability Disclosure Program | Information disclosure, Lack of rate limiting, Open redirect, IDOR, XSS | Sony | Aditya Singh / rook1337 (@imrook1337) | Bug Bounty | 2022-02-07 | 2023-06-13 |
| 1842 | Google Security Misconfiguration Leads to Account Takeover ! | Logic flaw, Spoofing | Google | Harsh Banshpal | Bug Bounty | 2022-02-08 | 2023-06-13 |
| 1841 | Full Account takeover (ATO) — a tale of two bugs 🐛 | IDOR, Account takeover | NA | Kwadwo Amoako | Bug Bounty | 2022-02-08 | 2023-06-13 |
| 1840 | SQL Injection, Reflected XSS and Information Disclosure in one subdomain in just 10 minutes | SQL injection, XSS, Information disclosure | NA | Mahmoud Hamed (@7odamo_) | Bug Bounty | 2022-02-08 | 2023-06-13 |
| 1839 | CVE-2022-21703: cross-origin request forgery against Grafana | CSRF, SSRF | Grafana Labs | Julien Cretel (@jub0bs) | Bug Bounty | 2022-02-08 | 2023-06-13 |
| 1838 | How Docker Made Me More Capable and the Host Less Secure | Local Privilege Escalation | Microsoft | Alon Zahavi (@Alon_Z4) | Bug Bounty | 2022-02-08 | 2023-06-13 |