Write-ups

Check The Published Writeups

WDB Title Tags Programs Authors Type Publication Added
1623 Multiple Vulnerabilities in Cisco Expressway Memory leak Exposed administrative interface STUN TURN Cisco Christian Mehlmauer (@firefart) Bug Bounty 2022-04-14 2023-06-13
1622 CVE-2022-26133 - Bitbucket Data Center - Java Deserialization Vulnerability Insecure deserialization Atlassian Benny Jacob (@bennyyjacob) Bug Bounty 2022-04-14 2023-06-13
1621 Prototype Pollution in fast-xml-parser Prototype pollution NA Sudhanshu Rajbhar (@sudhanshur705) Bug Bounty 2022-04-14 2023-06-13
1620 Crazy Simple Insecure Design & 300$ Bounty! IP grabbing NA Saransh Saraf (@mr23r0) Bug Bounty 2022-04-15 2023-06-13
1618 How I was able to see likes and dislikes count even though is hidden by victim | YouTube #4 Broken Access Control Google R ando (@Rando02355205) Bug Bounty 2022-04-15 2023-06-13
1617 How we spoofed ENS domains for $15k Homograph attack ENS Hacxyk. (@Hacxyk) Bug Bounty 2022-04-15 2023-06-13
1616 XSLeaking with my best bud SOP Information disclosure Microsoft Ha Anh Hoang Bug Bounty 2022-04-15 2023-06-13
1615 Full Account Takeover via Open Redirection Open redirect Token leak Account takeover OAuth NA vFlexo (@vflexo) Bug Bounty 2022-04-17 2023-06-13
1614 SQL Injection in Harvard’s Subdomain SQL injection Harvard Bibek Neupane (@nb1b3k) Bug Bounty 2022-04-17 2023-06-13
1612 Palisade identifies Wormable Cross-Site Scripting Vulnerability affecting Rarible’s NFT Marketplace XSS Rarible Palissade (@PalisadeLLC) Bug Bounty 2022-04-18 2023-06-13
1611 Adobe Acrobat hollowing out same-origin policy XSS SOP bypass Open redirect postMessage Adobe Wladimir Palant (@WPalant) Bug Bounty 2022-04-19 2023-06-13
1610 AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation Privilege escalation Container escape AWS Unit 42 (@Unit42_Intel) Bug Bounty 2022-04-19 2023-06-13
1609 CVE-2022-21449: Psychic Signatures in Java Signature bypass Cryptographic issues Oracle Neil Madden (@neilmaddog) Bug Bounty 2022-04-19 2023-06-13
1608 Exploiting a File Upload Vulnerability — A Directory Traversal Attack Unrestricted file upload Path traversal NA Kwadwo Amoako Bug Bounty 2022-04-20 2023-06-13
1607 Gaining Unlimited access to graph AuditLogs endpoint using complex filters with non-privileged user account Information disclosure Privilege escalation Microsoft Joosua Santasalo (@SantasaloJoosua) Bug Bounty 2022-04-21 2023-06-13
1606 Open Redirection into Bentley System XSS Bentley Systems Amit Kumar (@Amitlt2) Bug Bounty 2022-04-21 2023-06-13
1605 Smashing the Modern Web Tech Stack — Part 1: The Evolving Threat Landscape in 2022 and DOM-based XSS in Cloud-Native React Apps. Open redirect XSS NA MalwareJoe Bug Bounty 2022-04-21 2023-06-13
1604 Security issues with cloudflare/odoh-server-go and the ODoH RFC draft SSRF Cloudflare Frans Rosén (@fransrosen) Bug Bounty 2022-04-21 2023-06-13
1603 Adventures Into The MeowCorp Bug Bounty Program Information disclosure Weak credentials SSRF .git folder disclosure RCE NA Nirmal Thapa (@tnirmalz) Bug Bounty 2022-04-21 2023-06-13
1602 How I Bypassed 2FA while Resetting Password MFA bypass Password reset NA Sufiyan Gouri (@gouri_sufyan) Bug Bounty 2022-04-23 2023-06-13
1601 How I got Apple Hall Of Fame ! Content injection Apple shubhdeep (@Shubhdeeppp) Bug Bounty 2022-04-23 2023-06-13
1600 EJS, Server side template injection RCE (CVE-2022-29078) - writeup SSTI RCE ejs NetApp Eslam Salem (@net_code) Bug Bounty 2022-04-23 2023-06-13
1599 Unlock any blur text/picture without membership/subscription on Scribd.com |By Neuchi Payment bypass Logic flaw Scribd.com Neil Neuchi Bug Bounty 2022-04-25 2023-06-13
1598 Fuzzing and credentials leakage..awesome bug hunting writeup Hardcoded credentials Information disclosure NA Abdalrahman Alshammas Bug Bounty 2022-04-25 2023-06-13
1597 Package Planting: Are You [Unknowingly] Maintaining Poisoned Packages? Logic flaw GitHub Yakir Kadkoda Bug Bounty 2022-04-26 2023-06-13