Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1443 | Widespread prototype pollution gadgets | Prototype pollution | NA | Gareth Heyes (@garethheyes) | Bug Bounty | 2022-06-21 | 2023-06-13 |
| 1442 | Exploiting vulnerabilities in iOS Application | IDOR, Bruteforce, Lack of rate limiting, Account takeover, iOS | NA | Raj Singh Chauhan (@raj_singh_ch) | Bug Bounty | 2022-06-22 | 2023-06-13 |
| 1440 | We were vulnerable - how a security company could have vulns | Broken Access Control, Authorization flaw, Information disclosure | Volkis | Soman Verma | Bug Bounty | 2022-06-22 | 2023-06-13 |
| 1439 | Exploiting Bitdefender Antivirus: RCE from any website | RCE, Command injection | Bitdefender | Wladimir Palant (@WPalant) | Bug Bounty | 2022-06-22 | 2023-06-13 |
| 1438 | Filesatck Upload Advisory Summary | XSS | Filestack | Carlos Yanez | Bug Bounty | 2022-06-23 | 2023-06-13 |
| 1437 | Lock Screen Bypass Exploit of Android Devices (CVE-2022–20006) | Authentication bypass, Lock screen bypass | Google | Joshua Nearchos | Bug Bounty | 2022-06-23 | 2023-06-13 |
| 1436 | CVE-2022-31749: WatchGuard Authenticated Arbitrary File Read/Write (Fixed) | Argument injection | WatchGuard | Jake Baines (@Junior_Baines) | Bug Bounty | 2022-06-23 | 2023-06-13 |
| 1435 | Pwn2Own 2021 Microsoft Exchange Exploit Chain | SSRF, RCE | Microsoft | Rskvp93 (@rskvp93) | Bug Bounty | 2022-06-23 | 2023-06-13 |
| 1434 | Miracle - One Vulnerability To Rule Them All | Insecure deserialization, SSRF, RCE | Oracle | Nguyễn Tiến Giang (@testanull) | Bug Bounty | 2022-06-23 | 2023-06-13 |
| 1433 | An Out Of Scope domain Leads To a Critical Bug[$1500] | Authorization flaw, Broken Access Control | NA | Shakti Mohanty (@3ncryptSaan) | Bug Bounty | 2022-06-24 | 2023-06-13 |
| 1432 | Moderation Filter Bypass in support.mozilla.org | Logic flaw | Mozilla | tomorrowisnew (@tomorrowisnew_) | Bug Bounty | 2022-06-25 | 2023-06-13 |
| 1431 | mysqlnd/pdo password buffer overflow leading to RCE (CVE 2022-31626) | Buffer Overflow, Memory corruption | PHP | Charles Fol (@cfreal_) | Bug Bounty | 2022-06-25 | 2023-06-13 |
| 1430 | Bug: Cisco IOS SNMPv3 ACL Issues | Information disclosure | Cisco | Gerry Gosselin (@ggPixelHealth) | Bug Bounty | 2022-06-26 | 2023-06-13 |
| 1429 | Hyperlink Injection On IRC Cloud | Hyperlink injection | IRCCloud | Aswin K V (@deep_marketer_) | Bug Bounty | 2022-06-26 | 2023-06-13 |
| 1428 | Abusing functionality to exploit a super SSRF in Jira Server (CVE-2022-26135) | SSRF | Atlassian | Shubham Shah (@infosec_au) | Bug Bounty | 2022-06-26 | 2023-06-13 |
| 1427 | CVE-2022-32205: Set-Cookie denial of service | DoS | Internet Bug Bounty (curl) | Harry Sintonen | Bug Bounty | 2022-06-27 | 2023-06-13 |
| 1426 | CVE-2022-32206: HTTP compression denial of service | DoS | Internet Bug Bounty (curl) | Harry Sintonen | Bug Bounty | 2022-06-27 | 2023-06-13 |
| 1425 | CVE-2022-32207: Unpreserved file permissions | Improper Preservation of Permissions | Internet Bug Bounty (curl) | Harry Sintonen | Bug Bounty | 2022-06-27 | 2023-06-13 |
| 1424 | CVE-2022-32208: FTP-KRB bad message verification | MiTM | Internet Bug Bounty (curl) | Harry Sintonen | Bug Bounty | 2022-06-27 | 2023-06-13 |
| 1423 | HTML and Hyperlink Injection via Share Option In Microsoft Onenote Application | HTML injection, Phishing | Microsoft | Divyanshu Shukla (@justm0rph3u5) | Bug Bounty | 2022-06-28 | 2023-06-13 |
| 1422 | CVE-2022-30522 – Denial of Service (DoS) Vulnerability in Apache httpd “mod_sed” filter | DoS | Internet Bug Bounty | JFrog Security Research Team (@JFrogSecurity) | Bug Bounty | 2022-06-28 | 2023-06-13 |
| 1421 | CVE-2021-3779: Ruby-MySQL Gem Client File Read (FIXED) | Client File Read | Rapid7 | Hans-Martin Münch (@h0ng10) | Bug Bounty | 2022-06-28 | 2023-06-13 |
| 1420 | Access control worth $2000 (everyone missed this IDOR+Access control between two admins.) | IDOR, Broken Access Control | NA | dhakal_bibek (@dhakal__bibek) | Bug Bounty | 2022-06-28 | 2023-06-13 |
| 1419 | FabricScape: Escaping Service Fabric and Taking Over the Cluster | Container escape, Local Privilege Escalation, Cross-tenant vulnerability | Microsoft | Unit 42 (@Unit42_Intel) | Bug Bounty | 2022-06-28 | 2023-06-13 |
| 1418 | Bypassing .NET Serialization Binders | Insecure deserialization, RCE | Microsoft | Markus Wulftange (@mwulftange) | Bug Bounty | 2022-06-28 | 2023-06-13 |