Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1159 | Bypassing ModSecurity for RCEs | WAF bypass, Code injection, RCE | ModSecurity | Somdev Sangwan (s0md3v) | Bug Bounty | 2022-08-29 | 2023-06-13 |
| 1158 | Exploiting Improper Validation of Amazon Simple Notification Service SigningCertUrl | Authorization flaw, Signature validation bypass | Amazon | Eugene Lim (@spaceraccoonsec) | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1157 | CVE-2021-38297 – Analysis of a Go Web Assembly vulnerability | Memory corruption | NA | Uriya Yavnieli (@uriya_yavniely) | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1156 | Found SQL Injection Vulnerability on Government Organization Website! | SQL injection | NA | mehedishakeel (@mehedishakeel) | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1155 | My findings on Hack U.S Program | Missing authentication, .git folder disclosure, Information disclosure | U.S. Dept Of Defense | Charansai | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1154 | IDOR at Login function leads to leak user’s PII data | IDOR, Information disclosure | NA | Eslam Akl (@eslam3kll) | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1153 | mfa bypass in private program, the abdulsec way | MFA bypass | NA | abdulsec (@moodiAbdoul) | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1152 | CVE-2022-26113: FortiClient Arbitrary File Write As SYSTEM | Arbitrary file write, Local Privilege Escalation | Fortinet | David Yesland (@daveysec) | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1151 | HTMLI/XSS - Crafting a better PoC | XSS, HTML injection | NA | RiotSecurityTeam (@RiotSecTeam) | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1150 | Saving more than 100,000 website from a Watering Hole attack | Web cache poisoning, Watering hole attack | HubSpot | mohamad mahmoudi (@Lotus_619) | Bug Bounty | 2022-08-31 | 2023-06-13 |
| 1149 | Vulnerability in TikTok Android app could lead to one-click account hijacking | Insecure deeplink, Android | TikTok | Microsoft 365 Defender Research Team | Bug Bounty | 2022-08-31 | 2023-06-13 |
| 1148 | How reading robots.txt file got me 4 XSS reports ? | XSS | NA | Ahmed Qaramany (@c0nqr0r) | Bug Bounty | 2022-08-31 | 2023-06-13 |
| 1147 | Abusing Microsoft Teams Direct Routing | Spoofing, Fraud attack | AudioCodes Ltd. | Moritz Abrell (@moritz_abrell) | Bug Bounty | 2022-09-01 | 2023-06-13 |
| 1146 | SETTLERS OF NETLINK: Exploiting a limited UAF in nf_tables (CVE-2022-32250) | Memory corruption, Local Privilege Escalation | Ubuntu, Linux Kernel Organization | Cedric Halbronn (@saidelike) | Bug Bounty | 2022-09-01 | 2023-06-13 |
| 1145 | How did we Found Log4shell on Agorapulse | Log4shell, RCE | Agorapulse | Snap Sec (@snap_sec) | Bug Bounty | 2022-09-01 | 2023-06-13 |
| 1144 | Using Hackability to uncover a Chrome infoleak | SOP bypass | Google | Gareth Heyes (@garethheyes) | Bug Bounty | 2022-09-01 | 2023-06-13 |
| 1143 | Azure Synapse: Local Privilege Escalation Vulnerability in Spark | Race condition, Local Privilege Escalation, Cloud | Microsoft | Tzah Pahima (@TzahPahima) | Bug Bounty | 2022-09-01 | 2023-06-13 |
| 1142 | AngularJS Client-Side Template Injection: The orderBy Filter. | CSTI | NA | Jay | Bug Bounty | 2022-09-01 | 2023-06-13 |
| 1141 | Google & Apache Found Vulnerable to GitHub Environment Injection | Privilege escalation, CI/CD | Google, Apache | Noam Dotan | Bug Bounty | 2022-09-01 | 2023-06-13 |
| 1140 | How can i get SQL Injection | SQL injection | NA | Mohamed Abdelhady | Bug Bounty | 2022-09-02 | 2023-06-13 |
| 1139 | The Database Handover \| A Dumb Mistake \| Critical BUG | Information disclosure | NA | Saransh Saraf (@mr23r0) | Bug Bounty | 2022-09-02 | 2023-06-13 |
| 1138 | Viewing Instagram live streams anonymously without notifying the host | IDOR, Logic flaw, Privacy issue | Meta / Facebook | David Schütz (@xdavidhu) | Bug Bounty | 2022-09-02 | 2023-06-13 |
| 1137 | Caching the Un-cacheables - Abusing URL Parser Confusions (Web Cache Poisoning Technique) | Web cache poisoning, XSS, DoS | Glassdoor | Harel (@h4r3l) | Bug Bounty | 2022-09-02 | 2023-06-13 |
| 1136 | Discovery of CVE-2022-35406 | Logic flaw, Referer leakage | PortSwigger | Mr. Vrushabh (@doshi_vrushabh) | Bug Bounty | 2022-09-03 | 2023-06-13 |
| 1135 | How I found my first SSRF to RCE! | IDOR, SSRF, RCE | NA | Md. Asif Hossain (@0x0asif) | Bug Bounty | 2022-09-04 | 2023-06-13 |