Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1236 | UN United Nations Host Header Injection leads to any Full Account Takeover (ATO) | Host header injection, Password reset, Account takeover | United Nations | Ahmed Hassan | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1235 | Bypassing unexpected IDOR | IDOR, 40x bypass | NA | Bharatsingh | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1234 | An Unusual Tale of Email Verification Bypass | Email verification bypass, Bruteforce, Rate limiting bypass | NA | Sagar Sajeev (@Sagar__Sajeev) | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1233 | Escalating Open Redirect to XSS | Open redirect, XSS | NA | Sagar Sajeev (@Sagar__Sajeev) | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1232 | How I earned a $7000 bug bounty from Grab (RCE Unique Bugs) | RCE, Android | Grab | ANDRI | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1231 | CVE-2022-30216 - Authentication coercion of the Windows “Server” service | Off-by-one Error, Authentication coercion | Microsoft | Ben Barnea (@nachoskrnl) | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1230 | Story of 5000$ bounty for Grafana Panel Access in Apple | Missing authentication, Information disclosure | Apple | hckerl00 (@lokeshg62498939) | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1229 | Remote Code Execution on Element Desktop Application using Node Integration in Sub Frames Bypass - CVE-2022-23597 | RCE, XSS | Matrix (Element) | s1r1us (@s1r1u5_) | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1228 | XSS via Angular Template Injection | CSTI, XSS, WAF bypass | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1227 | How I got into the United Nations’ Hall of Fame | Missing authentication | United Nations | Ameya Andhare (@cryptoknight028) | Bug Bounty | 2022-08-14 | 2023-06-13 |
| 1226 | Hacking Zyxel IP cameras to gain a root shell | Missing authentication, DoS, Information disclosure, Local Privilege Escalation | Zyxel | Eric Urban | Bug Bounty | 2022-08-14 | 2023-06-13 |
| 1225 | URL filter bypass, RFI and XSS | Stored XSS, RFI | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-08-14 | 2023-06-13 |
| 1224 | The forgotten API and XSS filter bypass | XSS | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-08-14 | 2023-06-13 |
| 1223 | Five-minute hunting for hidden XSS | Reflected XSS | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1222 | 1day to 0day(CVE-2022-30024) on TP-Link TL-WR841N | Memory corruption | TP-Link | Trần Minh Cường | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1221 | Business Logic Vulnerability via IDOR | IDOR, Payment tampering | NA | Sagar Sajeev (@Sagar__Sajeev) | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1220 | Salesforce bug hunting to Critical bug | Information disclosure, Salesforce | NA | Vuk Ivanovic | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1219 | We discovered major vulnerabilities in Control Web Panel. Here’s how we found them. | Path traversal, RCE, Weak crypto, Password reset, Account takeover | Centos Web Panel (CWP) | Immersive Labs (@immersivelabs) | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1218 | CVE-2022-30211: Windows L2TP VPN Memory Leak and Use after Free Vulnerability | Memory corruption, RCE | Microsoft | Alex Nichols (@i4mchr00t) | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1217 | Open Redirect at Nvidia | Open redirect | Nvidia | Mohamed Abdelhady | Bug Bounty | 2022-08-16 | 2023-06-13 |
| 1216 | FreeBSD 11.0-13.0 LPE via aio_aqueue Kernel Refcount Bug | Memory corruption, Local Privilege Escalation | FreeBSD Security Team | Chris (@accessvector) | Bug Bounty | 2022-08-16 | 2023-06-13 |
| 1215 | Multiple Denial of Service (DoS) Vulnerabilities in GoProxy, Smokescreen libraries | DoS | Stripe | Lorenzo Stella (@lorenzostella) | Bug Bounty | 2022-08-16 | 2023-06-13 |
| 1214 | 2FA Bypass Do Re Mi | MFA bypass | NA | Ashlyn Lau (@ashlyn_lau) | Bug Bounty | 2022-08-16 | 2023-06-13 |
| 1213 | CSRF leads to Account Takeover \| Samsung | CSRF, Account takeover | Samsung | R ando (@Rando02355205) | Bug Bounty | 2022-08-16 | 2023-06-13 |
| 1211 | Monitoring Linux host metrics with the Node Exporter information disclosure $350 | Information disclosure, Missing authentication | Slack | Dhamotharan (@Dhamu_offi) | Bug Bounty | 2022-08-16 | 2023-06-13 |