Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 346 | Accessing to Data Sources of any Facebook Business account via IDOR in GraphQL | IDOR, GraphQL | Meta / Facebook | Mukund Bhuva (@MukundBhuva) | Bug Bounty | 2023-03-06 | 2023-06-13 |
| 329 | Self XSS To Stored Through IDOR/ | IDOR, Self-XSS, Stored XSS | NA | Arben Shala (@arbennsh) | Bug Bounty | 2023-03-08 | 2023-06-13 |
| 302 | CVE-2023–24625 / IDOR in Faveo Service Desk | IDOR | Faveo | cupc4k3 | Bug Bounty | 2023-03-14 | 2023-06-13 |
| 290 | How I chained multiple High-impact vulnerabilities to create a critical one. | Account takeover, IDOR, OTP bypass, HTTP response manipulation | NA | Vinay Jagetiya (@princej_76) | Bug Bounty | 2023-03-17 | 2023-06-13 |
| 280 | Credit card statement disclosure vulnerability in Viseca's eXpense portal | IDOR | Viseca | Pentagrid (@pentagridsec) | Bug Bounty | 2023-03-20 | 2023-06-13 |
| 248 | Super FabriXss: From XSS to an RCE in Azure Service Fabric Explorer by Abusing an Event Tab Cluster Toggle (CVE-2023-23383) | RCE, XSS, Cloud | Microsoft (Azure) | Lidor Ben Shitrit | Bug Bounty | 2023-03-30 | 2023-06-13 |
| 222 | Let me Unmask my next 👻 | IDOR, Payment bypass | Tinder | g30rgy th3 d4rk (@Crypt0g30rgy) | Bug Bounty | 2023-04-06 | 2023-06-13 |
| 196 | From Django Debug Mode to PII Data Leak of more than 500+ Employees due Broken Access Control and IDOR | Debug mode enabled, IDOR, Information disclosure, JWT, Broken Access Control, Exposed registration page | NA | Aayush Vishnoi (@AayushVishnoi10) | Bug Bounty | 2023-04-14 | 2023-06-13 |
| 188 | [Responsible Disclosure] How we could have deleted any Linkedin post | IDOR | LinkedIn | Anand Prakash (@anandpraka_sh) | Bug Bounty | 2023-04-18 | 2023-06-13 |
| 99 | One Bug at a Time: I failed my quiz on purpose to get $1,000! | IDOR | NA | atomiczsec (@atomiczsec) | Bug Bounty | 2023-05-12 | 2023-06-13 |
| 61 | From Response To Request, Adding Your Own Variables Inside Of GraphQL Queries For Account Take Over | GraphQL, IDOR, Mass assignment | NA | Tom Neaves | Bug Bounty | 2023-05-23 | 2023-06-13 |