Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1080 | Security Advisory: NETGEAR Routers FunJSQ Vulnerabilities | OS command injection, RCE, MiTM | Netgear | Quentin Kaiser (@QKaiser) | Bug Bounty | 2022-09-14 | 2023-06-13 |
| 1079 | Breaking Bitbucket: Pre Auth Remote Command Execution (CVE-2022-36804) | RCE, OS command injection | Atlassian | Maxwell Garrett (@TheGrandPew) | Bug Bounty | 2022-09-14 | 2023-06-13 |
| 1078 | HTTP Desync Attack (Request Smuggling) - Mass Account Takeover at a Cryptocurrency based asset and 121 other websites | HTTP Request Smuggling, Desync attack | NA | Ankit Singh (@AnkitCuriosity) | Bug Bounty | 2022-09-14 | 2023-06-13 |
| 1076 | Abusing Broken Link In Fitbit (Google Acquisition)To Collect BugBounty Reports On Behalf Of Google ! | Broken link hijacking | Google | Jayateertha Guruprasad (@JayateerthaG) | Bug Bounty | 2022-09-16 | 2023-06-13 |
| 1075 | Getting Paid With Just Picking Color — Bug Bounty | CSS injection | NA | Redza | Bug Bounty | 2022-09-16 | 2023-06-13 |
| 1074 | Cloning internal Google repos for fun and… info? | Authorization flaw | Google | Luke Berner | Bug Bounty | 2022-09-16 | 2023-06-13 |
| 1073 | How i made the multiple hall of fame in Nokia within 2 minutes | Clickjacking | Nokia | Vedavyasan | Bug Bounty | 2022-09-17 | 2023-06-13 |
| 1072 | How an Akamai misconfiguration earned us USD 46.000 | HTTP request smuggling | Akamai, Microsoft, Apple | Francesco Mariani (@_medusa_1_) | Bug Bounty | 2022-09-17 | 2023-06-13 |
| 1071 | How i Found Unauthorized Bypass RCE | RCE, Old components with known vulnerabilities | NA | Yashshirke | Bug Bounty | 2022-09-18 | 2023-06-13 |
| 1070 | SSRF Attack Leading To AWS Metadata | SSRF | CERT-EU | ParagBagul | Bug Bounty | 2022-09-18 | 2023-06-13 |
| 1069 | Bug Bounty { How I found an Sensitive Information Disclosure( Reconnaissance ) } | Information disclosure | NA | S Rahul (@7srambo) | Bug Bounty | 2022-09-18 | 2023-06-13 |
| 1068 | Turning Your Computer Into a GPS Tracker With Apple Maps | Privacy issue, Information disclosure | Apple | Ron Masas (@RonMasas) | Bug Bounty | 2022-09-18 | 2023-06-13 |
| 1067 | Android Application Forgot Password Token Leakage Leading to Account Takeover | Information disclosure, Password reset, Account takeover, Android | NA | Cyberali | Bug Bounty | 2022-09-19 | 2023-06-13 |
| 1066 | How to hack Github Actions | CI/CD | GitHub | StackOverflowExcept1on | Bug Bounty | 2022-09-19 | 2023-06-13 |
| 1065 | SSD Advisory – Linux CLOCK_THREAD_CPUTIME_ID LPE | Memory corruption, Race condition, Kernel hacking | Linux Kernel Organization | - | Bug Bounty | 2022-09-20 | 2023-06-13 |
| 1064 | Exploiting a Seagate service to create a SYSTEM shell (CVE-2022-40286) | Local Privilege Escalation, Windows, Driver hacking | Seagate | x86matthew (@x86matthew) | Bug Bounty | 2022-09-20 | 2023-06-13 |
| 1063 | Privilege Escalation Leads to making authenticated actions (payment processing, creating invoices.. etc) | Privilege escalation, Authorization flaw | NA | X-Vector (@XVector11) | Bug Bounty | 2022-09-20 | 2023-06-13 |
| 1062 | Tag Myself in Your Favorite TikTok Artist Video [IDOR] | IDOR | TikTok | apapedulimu / Nosa Shandy (@LocalHost31337) | Bug Bounty | 2022-09-20 | 2023-06-13 |
| 1061 | 7,500$ – IDOR on Apple [consultants.apple.com] | IDOR | Apple | apapedulimu / Nosa Shandy (@LocalHost31337) | Bug Bounty | 2022-09-20 | 2023-06-13 |
| 1060 | AttachMe: critical OCI vulnerability allows unauthorized access to customer cloud storage volumes | Cloud, Cross-tenant vulnerability, Authorization flaw | Oracle | Elad Gabay (@eladgabay_) | Bug Bounty | 2022-09-20 | 2023-06-13 |
| 1059 | Apollo Router Security Audit Report (Q2 2022) | DoS, CSRF | Apollo GraphQL | Norbert Szetei (@73696e65) | Bug Bounty | 2022-09-20 | 2023-06-13 |
| 1058 | Securing Developer Tools: OneDev Remote Code Execution | RCE, SSRF, Broken Access Control, Container escape | OneDev | Paul Gerste | Bug Bounty | 2022-09-20 | 2023-06-13 |
| 1057 | How we Abused Repository Webhooks to Access Internal CI Systems at Scale | CI/CD | NA | Omer Gil (@omer_gil) | Bug Bounty | 2022-09-20 | 2023-06-13 |
| 1056 | Parameters in Lambda Functions that lead to XSS and Injection | XSS, Serverless | AWS | Teri Radichel (@TeriRadichel) | Bug Bounty | 2022-09-20 | 2023-06-13 |
| 1055 | Mass Assignment Leading to Pre Account Takeover | Mass assignment | NA | Cyberali | Bug Bounty | 2022-09-21 | 2023-06-13 |