Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1210 | RCE on Spip and Root-Me, v2! | RCE, SSTI, DNS rebinding, XSS, Code injection, Unrestricted file upload | SPIP | Laluka (@TheLaluka) | Bug Bounty | 2022-08-16 | 2023-06-13 |
| 1209 | Critical Local File Read in Electron Desktop App | LFI | Asana | Renwa (@RenwaX23) | Bug Bounty | 2022-08-17 | 2023-06-13 |
| 1208 | N/a to $750 bounty for a Blind XSS. | Blind XSS | NA | Dirtycoder (@dirtycoder0124) | Bug Bounty | 2022-08-18 | 2023-06-13 |
| 1207 | You Have One New Appwntment: Exploiting iCalendar Properties in Enterprise Applications | XSS, SMTP injection | VMware, Synology, Apple, Microsoft, Google, NextCloud | Eugene Lim (@spaceraccoonsec) | Bug Bounty | 2022-08-18 | 2023-06-13 |
| 1206 | Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS! | DoS, Web cache poisoning, Authentication bypass | Microsoft | Orange Tsai (@orange_8361) | Bug Bounty | 2022-08-18 | 2023-06-13 |
| 1205 | Fishbowl Disclosure: CVE-2022-29805 | Insecure deserialization | Fishbowl | Michael Rand | Bug Bounty | 2022-08-18 | 2023-06-13 |
| 1204 | Trust Me, I’m a Robot: Can We Trust RPA With Our Most Guarded Secrets? | Robotic Process Automation, Insecure deserialization, SQL injection, MiTM | Blue Prism | Nimrod Stoler (@n1mr0d5) | Bug Bounty | 2022-08-18 | 2023-06-13 |
| 1203 | Outlook CVE-2022-35742 | DoS | Microsoft | insu (@hpy_insu) | Bug Bounty | 2022-08-18 | 2023-06-13 |
| 1201 | Amazon Quickly Fixed A Vulnerability In Ring Android App That Could Expose Users’ Camera Recordings | XSS, iOS, Android | Amazon | David Sopas (@dsopas) | Bug Bounty | 2022-08-18 | 2023-06-13 |
| 1200 | Uncovering a ChromeOS remote memory corruption vulnerability | Memory corruption | Google | Microsoft 365 Defender Research Team | Bug Bounty | 2022-08-19 | 2023-06-13 |
| 1199 | Account takeover worth $1000 | Account takeover, Authentication bypass, Information disclosure, Password reset | NA | Faique (@imfaiqu3) | Bug Bounty | 2022-08-19 | 2023-06-13 |
| 1198 | Never underestimate the power of open redirect, a story of a full account takeover | Open redirect, Account takeover, Token leak | NA | Ibrahim Auwal (@ibrahimatix0x01) | Bug Bounty | 2022-08-20 | 2023-06-13 |
| 1197 | VPNs on iOS are a scam | Privacy issue | Apple | Michael Horowitz (@defensivecomput) | Bug Bounty | 2022-08-20 | 2023-06-13 |
| 1196 | Failed Coding Assessment to Remote Code Execution - Part 1 | RCE | HackerEarth | Akash Chhabra (@_hackingguy) | Bug Bounty | 2022-08-20 | 2023-06-13 |
| 1195 | Blind command injection | RCE, OS command injection | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-08-21 | 2023-06-13 |
| 1194 | Blockchain Network is Secured! But not the apps and their Integrations | Payment tampering, Logic flaw | NA | Keyur Talati | Bug Bounty | 2022-08-22 | 2023-06-13 |
| 1193 | How a Port scan got me Nokia Hall of Fame | Missing authentication, Information disclosure | Nokia | Mani Sashank | Bug Bounty | 2022-08-22 | 2023-06-13 |
| 1192 | SSRF & Google HOF(Hall of Fame) | SSRF | Google | Aman Pareek (@aman_notsogreat) | Bug Bounty | 2022-08-22 | 2023-06-13 |
| 1191 | Useless path traversals in Zyxel admin interface (CVE-2022-2030) | Path traversal | Zyxel | Maurizio Agazzini (@0x696e6f6465) | Bug Bounty | 2022-08-22 | 2023-06-13 |
| 1190 | Vulnerability in Linux containers – investigation and mitigation | Local Privilege Escalation | Moby Project | Steven Murdoch (@sjmurdoch) | Bug Bounty | 2022-08-22 | 2023-06-13 |
| 1189 | Patch bypass for [CVE-2020-6369] Hard-coded Credentials in CA Introscope Enterprise Manager | Hardcoded credentials, Information disclosure | SAP | Arpine Maghakyan | Bug Bounty | 2022-08-22 | 2023-06-13 |
| 1188 | Paracosme - CVE-2022-33318 - Remote Code Execution in ICONICS Genesis64 | Memory corruption, RCE | ICONICS | Axel Souchet (@0vercl0k) | Bug Bounty | 2022-08-22 | 2023-06-13 |
| 1187 | Break Me Out Of Sandbox In Old Pipe - CVE-2022-22715 Windows Dirty Pipe | Local Privilege Escalation | Microsoft | k0shl (@KeyZ3r0) | Bug Bounty | 2022-08-23 | 2023-06-13 |
| 1186 | But You Told Me You Were Safe: Attacking The Mozilla Firefox Renderer (Part 1) | Browser hacking, RCE, Prototype pollution | Mozilla | Hossein Lotfi (@hosselot) | Bug Bounty | 2022-08-23 | 2023-06-13 |
| 1185 | [CVE-2020-2733] JD Edwards EnterpriseOne Tools admin password not adequately protected | Information disclosure | Oracle | Vahagn Vardanyan (@vah_13) | Bug Bounty | 2022-08-23 | 2023-06-13 |