Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1729 | How I managed to trigger XSS automatically to get critical account takeover | Stored XSS | NA | c4rrilat0r (@c4rrilat0r) | Bug Bounty | 2022-03-15 | 2023-06-13 |
| 1728 | Technical Advisory – Apple macOS XAR – Arbitrary File Write (CVE-2022-22582) | Arbitrary file write | Apple | Richard Warren (@buffaloverflow) | Bug Bounty | 2022-03-15 | 2023-06-13 |
| 1727 | Securing Developer Tools: Git Integrations | Local Privilege Escalation | Microsoft, JetBrains, GitHub | Sonar (@SonarSource) | Bug Bounty | 2022-03-15 | 2023-06-13 |
| 1726 | SSD Advisory – Exchange Server GetWacInfo Information Disclosure Vulnerability | XXE, Information disclosure | Microsoft | Alex Birnberg (@alexbirnberg) | Bug Bounty | 2022-03-15 | 2023-06-13 |
| 1725 | How I was able to find 50+ Cross-site scripting (XSS) Security Vulnerabilities on Bugcrowd Public Program? | XSS | NA | akshal(tojojo) | Bug Bounty | 2022-03-16 | 2023-06-13 |
| 1724 | Git honours embedded bare repos, and exploitation via core.fsmonitor in a directory's .git/config affects IDEs, shell prompts and Git pillagers | RCE | GitHub, Microsoft, JetBrains | Justin Steven (@justinsteven) | Bug Bounty | 2022-03-16 | 2023-06-13 |
| 1723 | From XSS to RCE (dompdf 0day) | XSS, RCE | NA | Positive Security (@positive_sec) | Bug Bounty | 2022-03-16 | 2023-06-13 |
| 1722 | Parameter Pollution - Zero Day | HTTP parameter pollution | Discourse | Jerry Shah (@Jerry) | Bug Bounty | 2022-03-17 | 2023-06-13 |
| 1721 | My First Blind SQL Injection | SQL injection | NA | T VAMSHI | Bug Bounty | 2022-03-17 | 2023-06-13 |
| 1720 | Abusing Azure Hybrid Workers for Privilege Escalation – Part 1 | Privilege escalation | Microsoft (Azure) | Josh Magri (@passthehashbrwn) | Bug Bounty | 2022-03-17 | 2023-06-13 |
| 1719 | Abusing Arbitrary File Deletes To Escalate Privilege And Other Great Tricks | Local Privilege Escalation | Microsoft (Windows) | Abdelhamid Naceri | Bug Bounty | 2022-03-17 | 2023-06-13 |
| 1718 | Bypass confirmation to add payment method. | Email verification bypass, Logic flaw | NA | Yaj Desu | Bug Bounty | 2022-03-18 | 2023-06-13 |
| 1717 | For the first Bounty, it takes a few challenging months, but only a few days for the second. | Old components with known vulnerabilities | NA | Aneesha D (@interc3pt3r) | Bug Bounty | 2022-03-18 | 2023-06-13 |
| 1716 | Insecure Direct Object Reference Exposes all users of Microsoft Azure Independent Software Vendors | IDOR | Microsoft | Meareg | Bug Bounty | 2022-03-18 | 2023-06-13 |
| 1715 | Adobe bug bounty using IDOR, Confidential data leaks | IDOR | Adobe | Debprasad Banerjee | Bug Bounty | 2022-03-19 | 2023-06-13 |
| 1714 | Files.app Symbolic Link Following | iOS | Apple | Ron Masas (@RonMasas) | Bug Bounty | 2022-03-19 | 2023-06-13 |
| 1713 | CVE-2022-0337 System environment variables leak on Google Chrome, Microsoft Edge and Opera | Browser hacking | Google, Microsoft, Opera | Maciej Pulikowski (@pulik_io) | Bug Bounty | 2022-03-19 | 2023-06-13 |
| 1712 | Bug Bounty catches part -1 | Authentication bypass, Information disclosure, Broken Access Control | NA | Bijan Murmu (@0xBijan) | Bug Bounty | 2022-03-20 | 2023-06-13 |
| 1711 | Broken session control leads to access private videos using the shared link even after revoking the access for specific time!! — #GoogleVRP | Broken Access Control | Google | Naveenroy | Bug Bounty | 2022-03-20 | 2023-06-13 |
| 1710 | ($$$) Broken Authentication and IDOR at [REDACTED] | IDOR | NA | Rizaldi Wahaz (@wah_haz) | Bug Bounty | 2022-03-21 | 2023-06-13 |
| 1709 | Targeting Visual Studio Code for macOS: File Discovery and a TCC bypass (kinda) | Local Privilege Escalation, TCC bypass, MacoS | Apple, Microsoft | Alfie Champion (@ajpc500) | Bug Bounty | 2022-03-21 | 2023-06-13 |
| 1708 | iTop – Template Injection inside customer Portal | SSTI, RCE | Combodo (iTop) | Markus Krell (@MarkusKrell) | Bug Bounty | 2022-03-21 | 2023-06-13 |
| 1707 | Google Maps API Key Unauthorized Use Case | Information disclosure | NA | Dan Barros | Bug Bounty | 2022-03-22 | 2023-06-13 |
| 1706 | Story about more than 3.5 million PII leakage in Yahoo!!! | IDOR, Information disclosure, iOS | Yahoo! / Verizon Media | dhakal_bibek (@dhakal__bibek) | Bug Bounty | 2022-03-22 | 2023-06-13 |
| 1705 | Basic recon to RCE II | RCE | NA | Joshua Martinelle (@J0_mart) | Bug Bounty | 2022-03-22 | 2023-06-13 |