Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1494 | Security Vulnerability in GitLab: Sending Arbitrary Requests through Jupyter Notebooks | HTML injection | GitLab | Daniel Fürst (@DnlFrst) | Bug Bounty | 2022-06-07 | 2023-06-13 |
| 1493 | CVE-2022-26937: Microsoft Windows Network File System NLM Portmap Stack Buffer Overflow | Buffer Overflow, Memory corruption | Microsoft | Yuki Chen (@guhe120) | Bug Bounty | 2022-06-08 | 2023-06-13 |
| 1492 | Exploiting Amazon active vulnerability | Payment bypass, Logic flaw | Amazon | Benjamin Walter | Bug Bounty | 2022-06-08 | 2023-06-13 |
| 1491 | Account Takeover by Chaining Two IDORs | IDOR, Account takeover | NA | Demon (@R29k_) | Bug Bounty | 2022-06-08 | 2023-06-13 |
| 1490 | Extracting Clear-Text Credentials Directly From Chromium’s Memory | Browser hacking | Google (Chromium) | Zeev Ben Porat | Bug Bounty | 2022-06-08 | 2023-06-13 |
| 1489 | De-Anonymization attacks against Proton services | Privacy issue, Information disclosure, HTML injection, Local Privilege Escalation | Proton AG | Ruben Santamarta (@reversemode) | Bug Bounty | 2022-06-08 | 2023-06-13 |
| 1488 | Denial of Service Vulnerability in Envoy Proxy – CVE-2022-29225 | Zip bomb, DoS | Envoy | JFrog Security Research Team (@JFrogSecurity) | Bug Bounty | 2022-06-09 | 2023-06-13 |
| 1487 | Autodesk Fusion 360 <= 2.0.12887 “Insert SVG” Blind XXE | XXE | Autodesk | Giulio 'linset' Casciaro (@Lins3t) | Bug Bounty | 2022-06-09 | 2023-06-13 |
| 1486 | Chaining vulnerabilities to criticality in Progress WhatsUp Gold | SSRF, Local File Disclosure, Information disclosure | Progress (WhatsUp Gold) | Shubham Shah (@infosec_au) | Bug Bounty | 2022-06-09 | 2023-06-13 |
| 1485 | CVE-2022-1040 Sophos XG Firewall Authentication bypass | Authentication bypass, RCE | Sophos | Nguyễn Đình Biển (@biennd279) | Bug Bounty | 2022-06-09 | 2023-06-13 |
| 1484 | How to download eBooks from Google Play Store without paying for them | Payment bypass, Logic flaw | Google | Yess (@Yess_2021xD) | Bug Bounty | 2022-06-09 | 2023-06-13 |
| 1483 | My first CVE-2022–31289 | Authentication bypass, 403 bypass, HTTP response manipulation | Sonatype | Praveen Mali (@pmmali_) | Bug Bounty | 2022-06-11 | 2023-06-13 |
| 1482 | ed25519-unsafe-libs | Cryptographic issues | NA | Konstantinos Chalkias | Bug Bounty | 2022-06-11 | 2023-06-13 |
| 1481 | A Story of a Bug Found Fuzzing | Browser hacking, Memory corruption | Google, Microsoft | Abdulrhman Alqabandi (@qab) | Bug Bounty | 2022-06-11 | 2023-06-13 |
| 1480 | From blind SSRF to localhost dirbusting and asset enumeration | SSRF | NA | Jovan Šikanja (@joshibeast) | Bug Bounty | 2022-06-11 | 2023-06-13 |
| 1479 | Same bug different platform | Logic flaw, Authorization flaw | Meta / Facebook | Prajwol Dhungana (@PrajwolDhunga14) | Bug Bounty | 2022-06-11 | 2023-06-13 |
| 1478 | How I found a Critical Bug in Instagram and Got 49500$ Bounty From Facebook | IDOR | Meta / Facebook | Neeraj Sharma (@root_n33r4j) | Bug Bounty | 2022-06-12 | 2023-06-13 |
| 1477 | Hacking 6.5+ million websites => CVE-2022-29455 (Elementor) | XSS | NA | Rotem Bar (@rotembar) | Bug Bounty | 2022-06-12 | 2023-06-13 |
| 1476 | Finding vulnerabilities in curl 7.83.0 without reading a single-line of C code | SSRF, Information disclosure, HSTS bypass | Internet Bug Bounty (curl) | Haxatron (@Haxatron1) | Bug Bounty | 2022-06-12 | 2023-06-13 |
| 1475 | Yet another bug into Netfilter | Memory corruption, Local Privilege Escalation | Linux Kernel Organization | Arthur Mongodin | Bug Bounty | 2022-06-13 | 2023-06-13 |
| 1474 | Microsoft Azure Synapse Pwnalytics | Privilege escalation, Cloud | Microsoft | Jimi Sebree (@DinoBytes) | Bug Bounty | 2022-06-13 | 2023-06-13 |
| 1473 | How I was able to see likes and dislikes count which is hidden by victim \| YouTube #1 | Logic flaw, Authorization flaw | Google | Jay Jani (@JayJani007) | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1472 | 500$ Account Takeover | Account takeover, Information disclosure, HTTP response manipulation | Xsolla | Hemant Kumar | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1471 | Bypassing CSP with dangling iframes | CSP bypass | Google, Mozilla | Gareth Heyes (@garethheyes) | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1470 | SynLapse – Technical Details for Critical Azure Synapse Vulnerability | Cross-tenant vulnerability, RCE, Cloud | Microsoft | Tzah Pahima (@TzahPahima) | Bug Bounty | 2022-06-14 | 2023-06-13 |