Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4967Craft CMS – Why case matters Reflected XSS Content injection Craft CMS Markus Krell (@MarkusKrell) Bug Bounty2017-10-012023-06-13
4966How I could have mass uploaded from every Flickr account! Bruteforce Flickr Jazzy (@ret2got) Bug Bounty2017-10-052023-06-13
4965How I Was Able To View Private Tweets Of Any Private Twitter Account IDOR Twitter Cj Legacion (@LegacionCj) Bug Bounty2017-10-062023-06-13
4963Subdomain Takeover Through Expired Cloudfront Distribution | live.lamborghini.co Subdomain takeover Lamborghini Muhammad Khizer Javed (@khizer_javed47) Bug Bounty2017-10-102023-06-13
4962Exploiting Insecure Cross Origin Resource Sharing ( CORS ) | api.artsy.net CORS misconfiguration Artsy Muhammad Khizer Javed (@khizer_javed47) Bug Bounty2017-10-102023-06-13
4961Bugcrowd’s Domain & Subdomain Takeover vulnerability! Subdomain takeover Bugcrowd Muhammad Khizer Javed (@khizer_javed47) Bug Bounty2017-10-102023-06-13
4960Leaking Amazon.com CSRF Tokens Using Service Worker API CSRF Amazon Abdullah Hussam (@Abdulahhusam) Bug Bounty2017-10-112023-06-13
4959How I was Able to see someone’s all private files with a single file share link through Atom feed & Never Give Up #togetherwehitharder HackerOne Information disclosure NA Yogendra Jaiswal (@vulnh0lic) Bug Bounty2017-10-132023-06-13
4958DOM XSS – auth.uber.com DOM XSS Uber StamOne_ Bug Bounty2017-10-142023-06-13
4957Reading Internal Files using SSRF vulnerability SSRF NA Neeraj Sonaniya (@neeraj_sonaniya) Bug Bounty2017-10-162023-06-13
4956How I hacked all the [REDACT] Agents accounts Default credentials NA Neeraj Sonaniya (@neeraj_sonaniya) Bug Bounty2017-10-172023-06-13
4955Sensitive data exposure by requesting a resource with a different content type Information disclosure NA Yogendra Jaiswal (@vulnh0lic) Bug Bounty2017-10-172023-06-13
4954Taking over every Ad on OLX (automated), an IDOR story IDOR OLX Roderick Schaefer (@kciredor_) Bug Bounty2017-10-182023-06-13
4953How i found an SSRF in Yahoo! Guesthouse (Recon Wins) SSRF Yahoo! / Verizon Media Th3G3nt3lman (@Th3G3nt3lman) Bug Bounty2017-10-202023-06-13
4952Slack SAML authentication bypass Authentication bypass Slack Antonio Sanso (@asanso) Bug Bounty2017-10-262023-06-13
4951Abusing new Claps feature in Medium IDOR Medium Sai Krishna Kothapalli (@kmskrishna) Bug Bounty2017-10-292023-06-13
4950How I hacked Google’s bug tracking system itself for $15,600 in bounties Logic flaw Google Alex Birsan (@alxbrsn) Bug Bounty2017-10-302023-06-13
4949App Maker and Colaboratory: a stored Google XSS double-bill Stored XSS Google Yasin Soliman (@SecurityYasin) Bug Bounty2017-11-012023-06-13
4948Senstive Information Leak Lead To join any Organisation Information disclosure NA Shivbihari Pandey (@ninja_pandit_) Bug Bounty2017-11-042023-06-13
4947Accessing Localhost via Vhost vHost misconfiguration NA Muhammad Khizer Javed (@khizer_javed47) Bug Bounty2017-11-042023-06-13
4946CRLF injection in blockchain.info CRLF injection Blockchain.info Shashank (@cyberboyIndia) Bug Bounty2017-11-052023-06-13
4945Non-persistent XSS at Microsoft -Adesh Kolte Reflected XSS Microsoft Adesh Nandkishor kolte (@AdeshKolte) Bug Bounty2017-11-052023-06-13
4944Multiple Intel Vulnerabilities-Adesh Kolte Open redirect Directory listing Intel Adesh Nandkishor kolte (@AdeshKolte) Bug Bounty2017-11-052023-06-13
4943Get your Microsoft account hijacked by simply clicking connect button -Adesh Kolte Stored XSS Microsoft Adesh Nandkishor kolte (@AdeshKolte) Bug Bounty2017-11-062023-06-13
4942From SSRF to Local File Disclosure SSRF Local file disclosure (LFD) NA Tung Pun Bug Bounty2017-11-082023-06-13