Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
1837SpoolFool: Windows Print Spooler Privilege Escalation (CVE-2022-21999) Local Privilege Escalation Microsoft Olivier Lyak (@ly4k_) Bug Bounty2022-02-082023-06-13
1836WordPress < 5.8.3 - Object Injection Vulnerability Object injection RCE WordPress Simon Scannell (@scannell_simon) Bug Bounty2022-02-082023-06-13
1835Story of critical security flaws I found in Glints IDOR Information disclosure Glints huli (@aszx87410) Bug Bounty2022-02-092023-06-13
1834Oracle Server Side Request Forgery (SSRF) Metadata SSRF Oracle Lidor Ben Shitrit Bug Bounty2022-02-082023-06-13
1833ICMAD SAP Vulnerabilities (CVE-2022-22536, CVE-2022-22532 & CVE-2022-22533) HTTP request smuggling Memory leak DoS Memory corruption SAP SAP Product Security Response team Bug Bounty2022-02-082023-06-13
1832How I hacked Google to read files from their servers for free! Arbitrary file read Google Harish SG (@CoderHarish) Bug Bounty2022-02-092023-06-13
1831Microsoft Team’s Unpatched URL Spoofing Vulnerability URL spoofing Microsoft Priyank Raval Bug Bounty2022-02-092023-06-13
1830Mindshare: When Mysql Cluster Encounters Taint Analysis Memory corruption Oracle (MySQL) Lucas Leong (@_wmliang_) Bug Bounty2022-02-102023-06-13
1829Subdomain Takeover via Leadpages Services on Tiktok Subdomain takeover TikTok Mohamed Haron (@m7mdharon) Bug Bounty2022-02-112023-06-13
1828flashback_connects (Cisco RV340 SSL VPN Unauthenticated Remote Code Execution as root) Memory corruption Cisco Pedro Ribeiro (@pedrib1337) Bug Bounty2022-02-112023-06-13
1827QRCDR ZeroDay Path Traversal Vulnerability Path traversal NA Farhad Karimi (@n0lsec) Bug Bounty2022-02-112023-06-13
1826"Zero-Days" Without Incident - Compromising Angular via Expired npm Publisher Email Domains Supply chain attack GitHub Matthew Bryant (@IAmMandatory) Bug Bounty2022-02-112023-06-13
1825A tale of 0-Click Account Takeover and 2FA Bypass. Account takeover Password reset MFA bypass NA Firas Fatnassi (@Fatnass1F1ras) Bug Bounty2022-02-122023-06-13
1824Broken Link Hijacking - Mr. User-Agent Broken link hijacking NA Jerry Shah (@Jerry) Bug Bounty2022-02-132023-06-13
1823How i made 15k$ from Remote Code Execution Vulnerability Code injection RCE Self-XSS NA Abdulrahman Makki (@AMakki1337) Bug Bounty2022-02-132023-06-13
1822Hacking AWS Cognito Misconfiguration to Zero Click Account Takeover AWS misconfiguration Account takeover NA Preetham Bomma (@cyber01_) Bug Bounty2022-02-142023-06-13
1821My First Bounty and How I Got It Subdomain takeover NA Aneesha D (@interc3pt3r) Bug Bounty2022-02-142023-06-13
1820BigQuery SQL Injection Cheat Sheet SQL injection NA Ozgur Alp (@ozgur_bbh) Bug Bounty2022-02-142023-06-13
1819Advisory: Western Digital My Cloud Pro Series PR4100 RCE RCE OS command injection Western Digital Quentin Kaiser (@QKaiser) Bug Bounty2022-02-152023-06-13
1818Static Taint Analysis Using Binary Ninja: A Case Study Of MySQL Cluster Vulnerabilities Memory corruption Oracle (MySQL) Reno Robert (@renorobertr) Bug Bounty2022-02-152023-06-13
1817Trim private live videos and access them (Meta bug bounty) IDOR Meta / Facebook abdellah yaala (@yaalaab) Bug Bounty2022-02-152023-06-13
1816Hunting for bugs in VMware: View Planner and vRealize Business for Cloud RCE VMware Mikhail Klyuchnikov (@__Mn1__) Bug Bounty2022-02-152023-06-13
1815Bug Report; Bypassing Weekly Limits In Basic (Free) LinkedIn Account Logic flaw LinkedIn Ashok Acharya Bug Bounty2022-02-162023-06-13
1814Hacked Dutch Government Website. All I got was this l̶o̶u̶s̶y̶ cool T-Shirt. Information disclosure Dutch Government Romesh chander Bug Bounty2022-02-162023-06-13
1813My First Reflected XSS Bug Bounty — Google Dork — $xxx Reflected XSS NA Proviesec (@proviesec) Bug Bounty2022-02-162023-06-13