Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1106 | Pwn2Own Miami 2022: AVEVA Edge Arbitrary Code Execution | Arbitrary Code Execution, Local Privilege Escalation | AVEVA | Daan Keuper (@daankeuper) | Bug Bounty | 2022-09-08 | 2023-06-13 |
| 1105 | QUEST KACE Desktop Authority Pre-Auth Remote Code Execution (CVE-2021-44031) | RCE, Path traversal | Quest | Tom Ellson (@tde_sec) | Bug Bounty | 2022-09-08 | 2023-06-13 |
| 1104 | Fun With CORS | CORS misconfiguration, Token leak | NA | Talis Ozols | Bug Bounty | 2022-09-08 | 2023-06-13 |
| 1103 | How I was able to see likes count even though is hidden by victim \| YouTube | Information disclosure, Logic flaw | Google | R ando (@Rando02355205) | Bug Bounty | 2022-09-08 | 2023-06-13 |
| 1102 | New technique 403 bypass lyncdiscover.microsoft.com | 403 bypass | Microsoft | Abbas Heybati (@abbas_heybati) | Bug Bounty | 2022-09-08 | 2023-06-13 |
| 1101 | Avalanche remote network crash | DoS | Ava Labs | Péter Szilágyi (@peter_szilagyi) | Bug Bounty | 2022-09-08 | 2023-06-13 |
| 1100 | Riding The Inforail To Exploit Ivanti Avalanche Part 2 | RCE, Insecure deserialization, Path traversal, Authentication bypass, Unrestricted file upload, Arbitrary file write, Arbitrary file read | Ivanti | Piotr Bazydło (@chudyPB) | Bug Bounty | 2021-09-08 | 2023-06-13 |
| 1098 | Attackers Can Bypass GitHub Required Reviewers to Submit Malicious Code | Authorization flaw, Logic flaw | GitHub | Noam Dotan | Bug Bounty | 2022-09-08 | 2023-06-13 |
| 1097 | How I was able to Bypass Philips Authentication | Outdated component with a known vulnerability, Authentication bypass | Philips | ParagBagul | Bug Bounty | 2022-09-10 | 2023-06-13 |
| 1096 | How I found 3 rare security bug in a day | Session expiration issue, Payment bypass, Lack of rate limiting | NA | zer0d | Bug Bounty | 2022-09-10 | 2023-06-13 |
| 1095 | Privacy Violation In Chat System | Privacy issue | NA | Inderjeet Singh - rashahacks | Bug Bounty | 2022-09-12 | 2023-06-13 |
| 1094 | SSRF(g/vrp) for 5000$ | SSRF | NA | lalka (@0x01alka) | Bug Bounty | 2022-09-12 | 2023-06-13 |
| 1093 | Contentful Access Token Disclosure in Android APK | Information disclosure, Android | NA | Cyberali | Bug Bounty | 2022-09-12 | 2023-06-13 |
| 1092 | Bug Bounty - Cross-site request forgery is a thing | CSRF, XSS | NA | Patrick Hener (@C1sc01) | Bug Bounty | 2022-09-12 | 2023-06-13 |
| 1091 | How I DIDN’T get an RCE in a $200 Billion company — Bug Bounty | RCE, Components with known vulnerabilities | NA | nynan (@_nynan) | Bug Bounty | 2022-09-12 | 2023-06-13 |
| 1090 | LiveHelperChat - Remote Code Execution via Vulnerable Theme Upload Function | RCE | Live Helper Chat | Arben Shala (@arbennsh) | Bug Bounty | 2022-09-13 | 2023-06-13 |
| 1089 | Undermining Microsoft Teams Security by Mining Tokens | Insecure storage of sensitive information | Microsoft | Vectra Protect team (@Vectra_AI) | Bug Bounty | 2022-09-13 | 2023-06-13 |
| 1088 | Hacking Unity Games with Malicious GameObjects | Arbitrary code execution, RCE | Unity | Jason Kielpinski (@f2jason) | Bug Bounty | 2022-09-13 | 2023-06-13 |
| 1087 | Blind XSS and Time-Based SQL Injection to Admin Panel Control and Database Takeover | Blind XSS, SQL injection | NA | Cyberali | Bug Bounty | 2022-09-13 | 2023-06-13 |
| 1086 | Data Exfiltration through Blind XXE on PDF Generator | Blind XXE, WAF bypass | NA | Arben Shala (@arbennsh) | Bug Bounty | 2022-09-13 | 2023-06-13 |
| 1085 | Colorful Vulnerabilities | Memory corruption, Buffer Overflow | OpenRazer | Tal Lossos (@TalLossos) | Bug Bounty | 2022-09-14 | 2023-06-13 |
| 1084 | mast1c0re: Hacking the PS4 / PS5 through the PS2 Emulator - Part 1 - Escape | Memory corruption | PlayStation | CTurt (@CTurtE) | Bug Bounty | 2022-09-26 | 2023-06-13 |
| 1083 | Attacking the Android kernel using the Qualcomm TrustZone | Memory corruption | Qualcomm, Google | Tamir Zahavi-Brunner (@tamir_zb) | Bug Bounty | 2022-09-14 | 2023-06-13 |
| 1082 | Pwn2Own Miami 2022: Unified Automation C++ Demo Server DoS | DoS | Unified Automation | Sector 7 (@sector7_nl) | Bug Bounty | 2022-09-14 | 2023-06-13 |
| 1081 | How I abused the file upload function to get a high severity vulnerability in Bug Bounty | Unrestricted file upload, Information disclosure | NA | Omar Hashem (@OmarHashem666) | Bug Bounty | 2022-09-14 | 2023-06-13 |