Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
1758How I managed to make a DDoS attack by exploiting a company’s service — Bug Bounty DoS NA Mr Empy (@mr_empy) Bug Bounty2022-03-082023-06-13
1757Log4shell in google $1337.00 Log4shell RCE Google amnotacat (@Amnotacat1) Bug Bounty2022-03-082023-06-13
1756Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities Privilege escalation Container escape Kubernetes Google Unit 42 (@Unit42_Intel) Bug Bounty2022-03-082023-06-13
1755Oracle Access Manager Pre-Auth RCE (CVE-2021–35587 Analysis) RCE Oracle Nguyễn Tiến Giang (@testanull) Bug Bounty2022-03-092023-06-13
1754SSD Advisory – NETGEAR DGND3700v2 PreAuth Root Access Authentication bypass OS command injection RCE Netgear - Bug Bounty2022-03-092023-06-13
1753Demographic Misconfiguration on Facebook live Logic flaw Authorization flaw Meta / Facebook Prajwol Dhungana (@PrajwolDhunga14) Bug Bounty2022-03-092023-06-13
1751Escalating from Logic App Contributor to Root Owner in Azure Privilege escalation Microsoft Josh Magri (@passthehashbrwn) Bug Bounty2022-03-092023-06-13
1749Rate Limit Bypass at Readme.com Lack of rate limiting Password reset Readme.com Girishbo Bug Bounty2022-03-112023-06-13
1747CVE-2022-24696 – Glance By Mirametrix Privilege Escalation Local Privilege Escalation Lenovo Oddvar Moe (@Oddvarmoe) Bug Bounty2022-03-112023-06-13
1746How Did I Leak 5.2k Customer Data From a Large Company? (via Broken Access Control) Broken Access Control NA can1337 (@canmustdie) Bug Bounty2022-03-112023-06-13
1745I have Found Microsoft Subdomain Website database list, database username, password Information disclosure Microsoft Bot Ami (@Botami143) Bug Bounty2022-03-112023-06-13
1744I can see the dislikes count even though is hidden by YouTube | YouTube ($500) Broken Access Control IDOR NA R ando (@Rando02355205) Bug Bounty2022-03-122023-06-13
1743XSS through base64 encoded JSON XSS NA Aman Pareek (@aman_notsogreat) Bug Bounty2022-03-122023-06-13
1742A Tale of Open Redirection to Stored XSS Stored XSS Open redirect NA Tushar Sharma (@tusharSharma_0) Bug Bounty2022-03-122023-06-13
1741Open Redirect via Sendgrid Email Misconfiguration Open redirect NA Rifqi Hilmy Zhafrant Bug Bounty2022-03-132023-06-13
1740How I bypassed disable_functions in php to get a remote shell RCE NA Asem Eleraky (@melotover) Bug Bounty2022-03-132023-06-13
1739Party time: Injecting code into Teleparty extension HTML injection Open redirect Browser extension hacking Teleparty Wladimir Palant (@WPalant) Bug Bounty2022-03-142023-06-13
1737How I access other domains in infinityfree.net using Directory Traversal Directory traversal InfinityFree Kurt Russelle Marmol Bug Bounty2022-03-142023-06-13
1736SQL Injection at Spotify SQL injection Spotify Eslam Akl (@eslam3kll) Bug Bounty2022-03-142023-06-13
1735Achieving Remote Code Execution via Unrestricted File Upload Unrestricted file upload RCE NA Haroon Hameed (@HaroonHameed40) Bug Bounty2022-03-142023-06-13
1734From Recon via Censys and DNSdumpster, to Getting P1 by Login Using Weak Password – “password” WAF bypass Weak credentials NA YoKo Kho (@YokoAcc) Bug Bounty2022-03-142023-06-13
1733How a macOS bug could have allowed for a serious phishing attack against users MacOS Phishing Apple Guilherme Rambo (@_inside) Bug Bounty2022-03-142023-06-13
1732My First Bug on VDP & BBP - Bug Bounty Stored XSS NA Aditya Singh / rook1337 (@imrook1337) Bug Bounty2022-03-152023-06-13
1731CVE-2020-24427: Adobe Reader CJK Codecs Memory Disclosure Vulnerability Memory disclosure Adobe Haboob Research Team (@HaboobSa) Bug Bounty2022-03-152023-06-13
1730CVE-2022-22616: Simple way to bypass GateKeeper, hidden for years Local Privilege Escalation GateKeeper bypass MacOS Apple Mickey Jin (@patch1t) Bug Bounty2022-03-152023-06-13