Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1354 | Going beyond Alert with XSS | XSS, Account takeover | NA | pipsh | Bug Bounty | 2022-07-16 | 2023-06-13 |
| 1337 | React debug.keystore key was trusted by Meta(Facebook) which caused to Instagram account takeover by malicious apps. | Account takeover, Android | Meta / Facebook | Dzmitry Lukyanenka (@vulnano) | Bug Bounty | 2022-07-19 | 2023-06-13 |
| 1328 | WordPress Transposh: Exploiting a Blind SQL Injection via XSS - RCE Security | SQL injection, XSS, Account takeover | WordPress | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2022-07-22 | 2023-06-13 |
| 1291 | How I get Full Account Takeover via stealing action’s login form \| XSS | XSS, Account takeover | NA | Mohamed Tarek (@timooon107) | Bug Bounty | 2022-08-01 | 2023-06-13 |
| 1288 | Stored XSS to Account Takeover : Going beyond document.cookie \| Stealing Session Data from IndexedDB | Stored XSS, Account takeover | NA | Syed Mushfik Hasan Tahsin (@SMHTahsin33) | Bug Bounty | 2022-08-02 | 2023-06-13 |
| 1271 | 2FA Bypass via Google Identity & OAuth Login | MFA bypass, Account takeover | NA | Sharat Kaikolamthuruthil (@sharp488) | Bug Bounty | 2022-08-07 | 2023-06-13 |
| 1259 | Defeat the HttpOnly flag to achieve Account Takeover \| RXSS | Reflected XSS, Account takeover | NA | Mohamed Tarek (@timooon107) | Bug Bounty | 2022-08-10 | 2023-06-13 |
| 1248 | My Experience on Hacking the Dutch Government | XSS, Open redirect, CSRF, Account takeover | Dutch Government | Jefferson Gonzales (@gonzxph) | Bug Bounty | 2022-08-11 | 2023-06-13 |
| 1243 | Amazon Cognito misconfiguration lead to account takeover | Account takeover | NA | Hossam Ahmed (@iknowhatodo0x01) | Bug Bounty | 2022-08-12 | 2023-06-13 |
| 1236 | UN United Nations Host Header Injection leads to any Full Account Takeover (ATO) | Host header injection, Password reset, Account takeover | United Nations | Ahmed Hassan | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1219 | We discovered major vulnerabilities in Control Web Panel. Here’s how we found them. | Path traversal, RCE, Weak crypto, Password reset, Account takeover | Centos Web Panel (CWP) | Immersive Labs (@immersivelabs) | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1213 | CSRF leads to Account Takeover \| Samsung | CSRF, Account takeover | Samsung | R ando (@Rando02355205) | Bug Bounty | 2022-08-16 | 2023-06-13 |
| 1199 | Account takeover worth $1000 | Account takeover, Authentication bypass, Information disclosure, Password reset | NA | Faique (@imfaiqu3) | Bug Bounty | 2022-08-19 | 2023-06-13 |
| 1198 | Never underestimate the power of open redirect, a story of a full account takeover | Open redirect, Account takeover, Token leak | NA | Ibrahim Auwal (@ibrahimatix0x01) | Bug Bounty | 2022-08-20 | 2023-06-13 |
| 1124 | Turning cookie based XSS into account takeover | XSS, Account takeover | Terrahost | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-09-06 | 2023-06-13 |
| 1078 | HTTP Desync Attack (Request Smuggling) - Mass Account Takeover at a Cryptocurrency based asset and 121 other websites | HTTP Request Smuggling, Desync attack | NA | Ankit Singh (@AnkitCuriosity) | Bug Bounty | 2022-09-14 | 2023-06-13 |
| 1067 | Android Application Forgot Password Token Leakage Leading to Account Takeover | Information disclosure, Password reset, Account takeover, Android | NA | Cyberali | Bug Bounty | 2022-09-19 | 2023-06-13 |
| 1055 | Mass Assignment Leading to Pre Account Takeover | Mass assignment | NA | Cyberali | Bug Bounty | 2022-09-21 | 2023-06-13 |
| 1032 | Blind account takeover | Account takeover | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-09-25 | 2023-06-13 |
| 1006 | Using Default Credential to Admin Account Takeover | Weak credentials | NA | Rohit Kumar (Rohit_443) | Bug Bounty | 2022-10-02 | 2023-06-13 |
| 1003 | Bugcrowd — Tale of multiple misconfigurations!! ❌ | Account takeover, OAuth, OTP bypass, Password reset | NA | Vaibhav Lakhani | Bug Bounty | 2022-10-04 | 2023-06-13 |
| 975 | In GUID We Trust | IDOR, Password reset, Race condition, Account takeover | NA | Daniel Thatcher (@_danielthatcher) | Bug Bounty | 2022-10-11 | 2023-06-13 |
| 968 | The story of a [P5] that lead me to a [P3] find | Pre-account takeover | NA | JAI NIRESH J | Bug Bounty | 2022-10-13 | 2023-06-13 |
| 964 | Code flaws leads to Org/Admin Account Takeover | Privilege escalation, Account takeover | NA | Saransh Saraf (@mr23r0) | Bug Bounty | 2022-10-13 | 2023-06-13 |
| 962 | Fall account takeover via Amazon Cognito misconfiguration | IDOR, Account takeover | NA | Hossam Ahmed (@iknowhatodo0x01) | Bug Bounty | 2022-10-13 | 2023-06-13 |