Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 928 | Bypassing Mimecast URL and File Inspection | Secure Email Gateway bypass, Logic flaw | Mimecast | Patrick Sayler (@psaYler) | Bug Bounty | 2022-10-20 | 2023-06-13 |
| 927 | SHA-3 Buffer Overflow | Buffer Overflow, Memory corruption, Cryptographic issues | XKCP, Apple, Python, PHP, PyPy, SHA3 for Ruby | Nicky Mouha | Bug Bounty | 2022-10-20 | 2023-06-13 |
| 926 | Reverse Engineering the Apple Multipeer Connectivity Framework | Authorization flaw, Reverse engineering, Networking | Apple | Simone Margaritelli (@evilsocket) | Bug Bounty | 2022-10-20 | 2023-06-13 |
| 925 | The Curious Case Of The Password Database | Cryptographic issues | Zoho (ManageEngine) | Travis Kaun (@W9HAX) | Bug Bounty | 2022-10-20 | 2023-06-13 |
| 924 | Google VRP — [Insecure Direct Object Reference] $3133.70 | IDOR | Google | Caesar Evan Santoso | Bug Bounty | 2022-10-20 | 2023-06-13 |
| 923 | $1,000+ P1: PII Disclosure W/ IDOR | IDOR | NA | Graham Zemel (@grahamzemel) | Bug Bounty | 2022-10-21 | 2023-06-13 |
| 922 | Sail away, sail away, sail away | RCE, Privilege escalation | NA | Reino Mostert | Bug Bounty | 2022-10-21 | 2023-06-13 |
| 921 | Broken Link Hijacking — My Second Finding on Hackerone! | Broken link hijacking | NA | mehedishakeel (@mehedishakeel) | Bug Bounty | 2022-10-23 | 2023-06-13 |
| 920 | How I Found Three Credentials Leak on One Google Dork on Bugcrowd program | Information disclosure | Cengage | Ittipatjitrada (@IttipatJitrada) | Bug Bounty | 2022-10-24 | 2023-06-13 |
| 919 | Missing Authentication in ZKTeco ZEM/ZMM Web Interface | Missing authentication | ZKTeco | RedTeam Pentesting (@RedTeamPT) | Bug Bounty | 2022-10-24 | 2023-06-13 |
| 918 | Finding Multiple Security Issues on Agorapulse | Log4shell, RCE, Information disclosure, Broken Access Control, Privilege escalation | Agorapulse | Snap Sec (@snap_sec) | Bug Bounty | 2022-10-24 | 2023-06-13 |
| 917 | Atlassian Jira Align, Version 10.107.4 Advisory | SSRF, Broken Access Control, Privilege escalation | Atlassian | Jacob Shafer (@fibbot) | Bug Bounty | 2022-10-24 | 2023-06-13 |
| 916 | How I Found A Simple Stored XSS | Stored XSS | NA | Raymond Lind | Bug Bounty | 2022-10-24 | 2023-06-13 |
| 915 | SSRF & LFI In Uploads Feature | SSRF, LFI | NA | Raymond Lind | Bug Bounty | 2022-10-24 | 2023-06-13 |
| 914 | 5000$ for Apple Stored Xss And Another Blind Xss Still under review | Blind XSS | Apple | Abdelkader Mouaz (@hamzadzworm) | Bug Bounty | 2022-10-24 | 2023-06-13 |
| 913 | Remote Code Execution by Abusing Apache Spark SQL | SQL injection, RCE | NA | Colin McQueen | Bug Bounty | 2022-10-24 | 2023-06-13 |
| 912 | Stranger Strings: An exploitable flaw in SQLite | Memory corruption, Buffer Overflow, DoS | SQLite | Andreas Kellas | Bug Bounty | 2022-10-25 | 2023-06-13 |
| 911 | The Logging Dead: Two Event Log Vulnerabilities Haunting Windows | DoS | Microsoft | Dolev Taler | Bug Bounty | 2022-10-25 | 2023-06-13 |
| 910 | Eat What You Kill :: Pre-authenticated Remote Code Execution in VMWare NSX Manager | RCE, Insecure deserialization, Security code review | VMware | Sina Kheirkhah (@SinSinology) | Bug Bounty | 2022-10-25 | 2023-06-13 |
| 909 | Support supports a Hacker | Social engineering, Spoofing, Authorization flaw, Account takeover | NA | mechboy (@mechboy_) | Bug Bounty | 2022-10-25 | 2023-06-13 |
| 908 | Chaining multiple vulnerabilities for credential stealing | CSRF, Self-XSS, XSS | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-10-25 | 2023-06-13 |
| 907 | Microsoft SharePoint Server Post-Authentication Server-Side Request Forgery vulnerability | SSRF | Microsoft | Li Jiantao (@CurseRed) | Bug Bounty | 2022-10-25 | 2023-06-13 |
| 906 | GL.iNET GL-MT300N-V2 Router Vulnerabilities and Hardware Teardown | OS command injection, Arbitrary file read, Information disclosure, Account takeover, Stored XSS, Lack of rate limiting, Weak credentials, Password policy bypass | GL.iNet | Olivier Laflamme (@olivier_boschko) | Bug Bounty | 2022-10-26 | 2023-06-13 |
| 905 | Stored XSS To Cookie Exfiltration | Stored XSS | NA | Raymond Lind | Bug Bounty | 2022-10-26 | 2023-06-13 |
| 904 | SSRF Bug Leads To AWS Metadata Exposure | SSRF | NA | Raymond Lind | Bug Bounty | 2022-10-26 | 2023-06-13 |