Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 2071 | Keybase App Vulnerability: Incomplete Cleanup of Messages In Keybase for Android/iOS, CVE-2021-34421 | Information disclosure | Keybase | Olivia O’Hara (@oliviaohara) | Bug Bounty | 2021-11-17 | 2023-06-13 |
| 2068 | CVE-2021-42306 CredManifest: App Registration Certificates Stored in Azure Active Directory | Information disclosure | Microsoft | Karl Fosaaen (@kfosaaen) | Bug Bounty | 2021-11-17 | 2023-06-13 |
| 2064 | How I accidentally hacked many companies using N/A vulnerability in Atlassian Cloud | Information disclosure, Authentication flaw | Atlassian | Valeriy Shevchenko (@Krevetk0Valeriy) | Bug Bounty | 2021-11-19 | 2023-06-13 |
| 2051 | Unauthenticated Sensitive Information Disclosure at [REDACTED] | Old components with known vulnerabilities, Information disclosure | NA | Rizaldi Wahaz (@wah_haz) | Bug Bounty | 2021-11-25 | 2023-06-13 |
| 2046 | How I got my first bounty on financial sector gateway site by using Previous GraphQL vulnerabilities. | Information disclosure, GraphQL | NA | Night Hawk | Bug Bounty | 2021-11-26 | 2023-06-13 |
| 2028 | Disclose Ad Accounts linked with Instagram Accounts | Information disclosure, Logic flaw, GraphQL | Meta / Facebook | Naveen (@NaveenHax) | Bug Bounty | 2021-12-02 | 2023-06-13 |
| 2015 | Microsoft Vancouver leaking website credentials via overlooked DS_STORE file | Information disclosure | Microsoft | CyberNews Team | Bug Bounty | 2021-12-08 | 2023-06-13 |
| 2010 | Exploiting S3 bucket with path folder to Access PII info of A BANK | AWS misconfiguration, Information disclosure | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2021-12-09 | 2023-06-13 |
| 1977 | MS Teams: 1 feature, 4 vulnerabilities | SSRF, Information disclosure, DoS, Spoofing | Microsoft | Fabian Bräunlein | Bug Bounty | 2021-12-22 | 2023-06-13 |
| 1974 | Information Disclosure leads to sensitive credential($$$) | Information disclosure | NA | khan mamun (@mamunwhh) | Bug Bounty | 2021-12-25 | 2023-06-13 |
| 1957 | Here’s How I Could Read Anyone’s Apple ID Metrics Remotely. | Information disclosure | Apple | Faizan Ahmad Wani | Bug Bounty | 2021-12-30 | 2023-06-13 |
| 1955 | Bug Hunting Journey of 2021 | Stored XSS, Open redirect, Token leak, CSRF, Logic flaw, Information disclosure, IDOR, Account takeover | NA | Sudhanshu Rajbhar (@sudhanshur705) | Bug Bounty | 2021-12-31 | 2023-06-13 |
| 1934 | A Tale Of 5250$: How I Accessed Millions Of User’s Data Including Their National ID’s | AWS misconfiguration, Information disclosure | NA | Sam (@__Sam0_0) | Bug Bounty | 2022-01-07 | 2023-06-13 |
| 1917 | 120 Days of High Frequency Hunting | SSRF, LFI, Information disclosure, Broken Access Control, Authentication bypass, XSS, SQL injection | NA | Kuldeep Pandya (@kuldeepdotexe) | Bug Bounty | 2022-01-15 | 2023-06-13 |
| 1903 | Hashing the Favicon.ico | Information disclosure | NA | Ski Mask (@Ski_Mask0) | Bug Bounty | 2022-01-21 | 2023-06-13 |
| 1901 | 120 Days of Frequent Hacking | SSRF, LFI, Information disclosure, XSS, SQL injection | NA | Kuldeep Pandya (@kuldeepdotexe) | Bug Bounty | 2022-01-21 | 2023-06-13 |
| 1900 | How I was able to find multiple vulnerabilities of a Symfony Web Framework web application | Debug mode enabled, Information disclosure | NA | Abid Ahmad (@RootIntrud3r) | Bug Bounty | 2022-01-23 | 2023-06-13 |
| 1898 | Solarwinds Web Help Desk: When the Helpdesk is too Helpful | Information disclosure, Hardcoded credentials | SolarWinds | Assetnote Security Research Team (@assetnote) | Bug Bounty | 2022-01-23 | 2023-06-13 |
| 1891 | How I could have read your confidential bug reports by simple mail? | Information disclosure, Logic flaw | Microsoft | Sudhakar Muthumani (@Sudhakarmuthu04) | Bug Bounty | 2022-01-25 | 2023-06-13 |
| 1867 | A story of leaking uninitialized memory from Fastly | HTTP/3, Memory leak, Information disclosure | Fastly | Emil Lerner (@emil_lerner) | Bug Bounty | 2022-02-01 | 2023-06-13 |
| 1861 | A misconfigured Apache Airflow to AWS Account Compromise | Outdated component with a known vulnerability, Privilege escalation, Information disclosure | NA | Avinash Jain (@logicbomb_1) | Bug Bounty | 2022-02-02 | 2023-06-13 |
| 1858 | How I Tracked You Around The Globe 🌎 | Information disclosure, Privacy issue | Google (Waze) | 0xdroopy (@NikhilK50866227) | Bug Bounty | 2022-02-02 | 2023-06-13 |
| 1853 | Write Up – Private Bug Bounty: RCE In EC2 Instance Via SSH With Private Key Exposed On Public Github Repository – $xx,000 USD | Information disclosure | NA | Omar Espino (@omespino) | Bug Bounty | 2022-02-03 | 2023-06-13 |
| 1846 | Auth Bypass in Google Assistant | Information disclosure, Authentication bypass | Google | David Schütz (@xdavidhu) | Bug Bounty | 2022-02-06 | 2023-06-13 |
| 1843 | What I Found on Sony Vulnerability Disclosure Program | Information disclosure, Lack of rate limiting, Open redirect, IDOR, XSS | Sony | Aditya Singh / rook1337 (@imrook1337) | Bug Bounty | 2022-02-07 | 2023-06-13 |