Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1391 | PII Disclosure of Apple Users ($10k) | IDOR, Lack of rate limiting, Bruteforce, Information disclosure | Apple | Ahmad Halabi (@Ahmad_Halabi_) | Bug Bounty | 2022-07-07 | 2023-06-13 |
| 1390 | Account Takeover via Response Manipulation | Authentication bypass, Account takeover, MFA bypass, HTTP response manipulation | NA | BUG HUNTER | Bug Bounty | 2022-07-08 | 2023-06-13 |
| 1389 | stored XSS and stored HTML Injection in United Nations Website | XSS, HTML injection | United Nations | Ahmed Hassan | Bug Bounty | 2022-07-08 | 2023-06-13 |
| 1388 | Advisory \| GLPI Service Management Software Multiple Vulnerabilities and Remote Code Execution | SQL injection, RCE, LFI | GLPI | Nuri Çilengir (@ncilengir) | Bug Bounty | 2022-07-08 | 2023-06-13 |
| 1387 | Flash XSS in ajax.googleapis.com | XSS | Google | R ando (@Rando02355205) | Bug Bounty | 2022-07-08 | 2023-06-13 |
| 1386 | An interesting idor that allowed me to See all projects ($$$$ Bounty) | IDOR | NA | Abdelkader Mouaz (@hamzadzworm) | Bug Bounty | 2022-07-09 | 2023-06-13 |
| 1385 | Exploiting SQL Injection at Authorization token | SQL injection, Account takeover | NA | Basudev | Bug Bounty | 2022-07-09 | 2023-06-13 |
| 1384 | How I earned 200$ in Bug Bounty Program | Information disclosure | NA | Idan Malihi | Bug Bounty | 2022-07-09 | 2023-06-13 |
| 1383 | Exploiting Authentication in AWS IAM Authenticator for Kubernetes | Authentication flaw, Privilege escalation | AWS | Gafnit Amiga (@gafnitav) | Bug Bounty | 2022-07-11 | 2023-06-13 |
| 1381 | How we have pwned Root-Me in 2022 | XSS, CSRF, RCE | SPIP | SpawnZii (@SpawnZii) | Bug Bounty | 2022-07-12 | 2023-06-13 |
| 1380 | Remote Code Execution via Prototype Pollution in Blitz.js | Prototype pollution, RCE | Blitz.js | Paul Gerste | Bug Bounty | 2022-07-12 | 2023-06-13 |
| 1379 | How a Simple IDOR Led Me to Delete Any Account | IDOR, CSRF | NA | rajesh.r (@_rajesh_ranjan_) | Bug Bounty | 2022-07-12 | 2023-06-13 |
| 1378 | Write Up 1: Hellosign Integration [Full Read SSRF] | SSRF | NA | Soufiane Habti (@wld_basha) | Bug Bounty | 2022-07-12 | 2023-06-13 |
| 1377 | Microsoft Azure Site Recovery DLL Hijacking | DLL Hijacking, Privilege escalation | Microsoft | Jimi Sebree (@DinoBytes) | Bug Bounty | 2022-07-12 | 2023-06-13 |
| 1376 | CVE-2022-32223 Discovery: DLL Hijacking via npm CLI | DLL Hijacking, Privilege escalation | Node.js | Yakir Kadkoda | Bug Bounty | 2022-07-12 | 2023-06-13 |
| 1375 | Leveraging the SQL Injection to Execute the XSS by Evading CSP | CSP bypass, SQL injection, XSS | NA | Nirmal Dahal (@TheNittam) | Bug Bounty | 2022-07-12 | 2023-06-13 |
| 1374 | Netwrix Auditor Advisory | Insecure deserialization | Netwrix | Jordan Parkin | Bug Bounty | 2022-07-13 | 2023-06-13 |
| 1373 | CVE-2022-29885 - Don't Open That Port - A Denial Of Service vulnerability on Apache Tomcat Cluster Service Listener | DoS | Internet Bug Bounty | void (@voidz0r) | Bug Bounty | 2022-07-13 | 2023-06-13 |
| 1372 | Hacking on a Private Program (Salseforce crm) | RCE, OS command injection | NA | Maruf Hosan (@thinkermaruff) | Bug Bounty | 2022-07-13 | 2023-06-13 |
| 1371 | Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 | Local Privilege Escalation | Apple | Microsoft 365 Defender Research Team | Bug Bounty | 2022-07-13 | 2023-06-13 |
| 1370 | Microsoft Teams — Cross Site Scripting (XSS) Bypass CSP | XSS, CSP bypass, HTML injection | Microsoft | Numan Turle (@numanturle) | Bug Bounty | 2022-07-13 | 2023-06-13 |
| 1369 | From Open Redirect to Reflected XSS manually | Open redirect, Reflected XSS | NA | Rodric | Bug Bounty | 2022-07-14 | 2023-06-13 |
| 1368 | CVE-2022-30136: Microsoft Windows Network File System V4 Remote Code Execution Vulnerability | RCE, DoS, Memory corruption | Microsoft | Yuki Chen (@guhe120) | Bug Bounty | 2022-07-14 | 2023-06-13 |
| 1367 | Abusing URL Shortners for fun and profit | Information disclosure, Account takeover, IDOR | NA | Sicksec (@OriginalSicksec) | Bug Bounty | 2022-07-14 | 2023-06-13 |
| 1366 | Tableau Server Leaks Sensitive Information From Reflected XSS | Reflected XSS | Salesforce | Simon Bouchard (@SimTwisted) | Bug Bounty | 2022-07-14 | 2023-06-13 |