Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
1704Authentication bypass using root array Authentication bypass Information disclosure NA Eslam Akl (@eslam3kll) Bug Bounty2022-03-222023-06-13
1703When Equal is Not, Another WebView Takeover Story Android NA Dimitrios Valsamaras (@Ch0pin) Bug Bounty2022-03-222023-06-13
1701Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121) RCE Western Digital Alex Plaskett (@alexjplaskett) Bug Bounty2022-03-232023-06-13
1699Pwn2Own Austin 2021 : Defeating The Netgear R6700V3 RCE Memory corruption Netgear Antide Petit (@xarkes_) Bug Bounty2022-03-252023-06-13
1698Finding bugs to trigger Unauthenticated Command Injection in a NETGEAR router (PSV-2022–0044) XSS Arbitrary file read Authentication bypass OS command injection RCE Netgear stypr (@stereotype32) Bug Bounty2022-03-252023-06-13
1697Clipboard hazard with Google Sheets Phishing Google Imre Rad (@ImreRad) Bug Bounty2022-03-252023-06-13
1696Bug Bounty Adventures: A NodeBB 0-day CSRF Account takeover SSO Authentication flaw Opera Marouane Mouhtadi (@Mar0_0uane) Bug Bounty2022-03-252023-06-13
1695Broken Access Control - IDOR IDOR NA Nick Berrie (@machevalia) Bug Bounty2022-03-252023-06-13
1694Deleting account via support ticket IDOR Broken Access Control NA Bijan Murmu (@0xBijan) Bug Bounty2022-03-262023-06-13
1693Stealing cookies from subdomain leads to takeover user accounts at redacted.com Account takeover XSS NA Bijan Murmu (@0xBijan) Bug Bounty2022-03-272023-06-13
1692How I was able to rick roll every users on root-me.org XSS Root-Me Mizu (@kevin_mizu) Bug Bounty2022-03-272023-06-13
1691Pwning Microsoft Azure Defender for IoT | Multiple Flaws Allow Remote Code Execution for All RCE Memory corruption SQL injection Microsoft Kasif Dekel (@kasifdekel) Bug Bounty2022-03-282023-06-13
1690Ruby Deserialization - Gadget on Rails Insecure deserialization RCE Ruby on Rails HTTPVoid (@httpvoid0x2f) Bug Bounty2022-03-282023-06-13
1689Your NAS is not your NAS ! RCE Memory corruption Buffer Overflow Synology Angelboy (@scwuaptx) Bug Bounty2022-03-282023-06-13
1688ABC-Code Execution for Veeam Local Privilege Escalation Veeam Sina Kheirkhah (@SinSinology) Bug Bounty2022-03-292023-06-13
1687How I bypassed 403 forbidden domain using a simple trick 403 bypass NA Jan Muhammad Zaidi (@hasanakajan) Bug Bounty2022-03-292023-06-13
1686Joomla! <= 4.1.0 (Tar.php) Zip Slip Vulnerability Zip Slip attack Path traversal Source code disclosure Joomla! Egidio Romano / EgiX Bug Bounty2022-03-292023-06-13
1685CVE-2022-22948: Sensitive Information Disclosure in VMware vCenter Information disclosure VMware Yuval Lazar Bug Bounty2022-03-292023-06-13
1683Unauthenticated Remote Code Execution in Cisco Nexus Dashboard Fabric Controller (formerly DCNM) Insecure deserialization Local Privilege Escalation RCE Cisco Pedro Ribeiro (@pedrib1337) Bug Bounty2022-03-302023-06-13
1682CVE-2022-27643 - NETGEAR R6700v3 upnpd Buffer Overflow Remote Code Execution Vulnerability Memory corruption RCE Netgear Relyze (@relyze) Bug Bounty2022-03-312023-06-13
1681Got Access To Dota 2 Admin Panel By Exploiting In-game Feature XSS Valve Abdillah Muhamad (@abdilahrf) Bug Bounty2022-03-312023-06-13
1680Critical SSRF on Evernote SSRF Evernote Neolex (@NeolexSecurity) Bug Bounty2022-03-312023-06-13
1679Race condition in Tendermint’s StarPort Race condition Cosmos Shashank (@cyberboyIndia) Bug Bounty2022-03-312023-06-13
1678A Large-scale and Longitudinal Measurement Study of DKIM Deployment Email spoofing Phishing Google Mailchimp Sendgrid Salesforce Chuhan Wang Bug Bounty2022-04-012023-06-13
1677Pwning a Cisco RV340 with a 4 bug chain exploit Local Privilege Escalation OS command injection RCE Session management issue Cisco Liv (@terminatorLM) Bug Bounty2022-04-012023-06-13