Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
2245Full structure takeover to many brands of company Directory listing Information disclosure NA Abdelrahman Khaled Bug Bounty2021-09-062023-06-13
22435 Different Vulnerabilities in Google’s Threadit DOM XSS Clickjacking Privilege escalation Information disclosure Google Thomas Orlita (@ThomasOrlita) Bug Bounty2021-09-072023-06-13
2240Facebook email disclosure and account takeover Information disclosure Account takeover Meta / Facebook Rikesh Baniya / NotRickyy (@rikeshbaniya) Bug Bounty2021-09-082023-06-13
2237GitHub Actions check-spelling community workflow - GITHUB_TOKEN leakage via advice.txt symlink Logic flaw Information disclosure GitHub Justin Steven (@justinsteven) Bug Bounty2021-09-082023-06-13
2220A Facebook bug that exposes email/phone number to your friends Information disclosure Logic flaw Meta / Facebook Saugat Pokharel (@saugatpk5) Bug Bounty2021-09-152023-06-13
2213From Google Dorking to Information Disclosure Information disclosure Missing authentication NA MikeChan Bug Bounty2021-09-182023-06-13
2212From phpinfo page to many P1 bugs and RCE. [Symfony] File disclosure Information disclosure RCE NA Abdelrahman Khaled Bug Bounty2021-09-182023-06-13
2211A small change, and things go in your hand : Story of a $250 bounty Information disclosure NA Fardeen Ahmed (@fardeenahmed411) Bug Bounty2021-09-182023-06-13
2209Chaining bugs for better bounties SSRF XSS Information disclosure NA Manas Harsh (@ManasH4rsh) Bug Bounty2021-09-192023-06-13
2203A fever Worth 750$- [Accessing Private Projects ] IDOR Information disclosure Mozilla Shakti Mohanty (@3ncryptSaan) Bug Bounty2021-09-222023-06-13
2194Disclosure of three 0-day iOS vulnerabilities and critique of Apple Security Bounty program Information disclosure Local Privilege Escalation Privacy issue Apple Denis Tokarev / illusionofchaos Bug Bounty2021-09-242023-06-13
2180Expect The Unexpected: Discovering fresh ZeroDay for Bounty Logic flaw Information disclosure NA Sina Kheirkhah (@SinSinology) Bug Bounty2021-09-302023-06-13
2169How I got access to many PIIs through a source code leak Information disclosure NA Supras (@LdrTom) Bug Bounty2021-10-052023-06-13
2162Power of Your Own Wordlist — Fuzz for Log File Leads to Information Leakage Information disclosure NA MikeChan Bug Bounty2021-10-092023-06-13
2154Pulse Secure version number disclosure in error messages Information disclosure Pulse Secure Mehdi Alouache Bug Bounty2021-10-122023-06-13
2141The Speckle Umbrella story — part 2 Information disclosure Logic flaw Google Imre Rad (@ImreRad) Bug Bounty2021-10-182023-06-13
2123An Effective 5 min recon leads to a Hall of Fame Information disclosure NA Renganathan (@IamRenganathan) Bug Bounty2021-10-262023-06-13
2112How I was able to access a properly Configured S3 Bucket Leaked AWS keys Information disclosure NA Pawan Chhabria (@heybenchmarkkk) Bug Bounty2021-10-282023-06-13
2111One misconfiguration to rule them all Information disclosure Debug mode enabled NA Sushant Soni (@sushantsoni5392) Bug Bounty2021-10-292023-06-13
20994 Crits in 48 hours: Unicorn Programs Privilege escalation Information disclosure IDOR NA Monke (@pmofcats) Bug Bounty2021-11-062023-06-13
2093400$ Bounty again using Google Dorks Directory listing Information disclosure NA Haris M (@hrsm321) Bug Bounty2021-11-092023-06-13
2086From URL dumps digging to IDOR , BAC, Massive Phishing in Udemy Broken Access Control Information disclosure IDOR HTML injection Udemy Mostafa Mamdoh Bug Bounty2021-11-122023-06-13
2084How I got $200 in 30 Seconds. Information disclosure NA Yash__ HackZ (@HackzYash) Bug Bounty2021-11-122023-06-13
2080Exploiting CSP in Webkit to Break Authentication & Authorization Information disclosure CSP leak Account takeover Apple Sachin Thakuri (@sachinnthakuri) Bug Bounty2021-11-132023-06-13
2078How I Found P1 bug Due to Sensitive data exposure And Earn $$$$ Information disclosure NA Piyush shukla (@PiyushShukla__) Bug Bounty2021-11-152023-06-13