Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4889Reflected File Download ( RFD ) in www.Google.com Reflected File Download Google Mohamed Haron (@m7mdharon) Bug Bounty2018-01-182023-06-13
4888How I got $13337 bounty From Google Weak credentials Google Sreeram KL (@kl_sree) Bug Bounty2018-01-182023-06-13
4887Internshala Bug in Internshala Student Partner Bruteforce Internshala Circle Ninja (@circleninja) Bug Bounty2018-01-202023-06-13
4886File Disclosure via .DS_Store file (macOS) Directory listing Meta / Facebook Omar Espino (@omespino) Bug Bounty2018-01-232023-06-13
4885Asus Cross Site Scrpting And Directory Listing Vulnerability Directory listing XSS Asus Adesh Nandkishor kolte (@AdeshKolte) Bug Bounty2018-01-232023-06-13
4884#BugBounty @ Linkedln-How I was able to bypass Open Redirection Protection Open redirect LinkedIn Avinash Jain (@logicbomb_1) Bug Bounty2018-01-242023-06-13
4883Reflected XSS + Possible Server Side Template Injection in HubSpot CMS ( All Websites Uses HubSpot was affected ) Reflected XSS HubSpot Mohamed Haron (@m7mdharon) Bug Bounty2018-01-242023-06-13
4882No RCE? Then SSH to the box! LFI Path traversal RCE NA Jasmin Laundry (@JR0ch17) Bug Bounty2018-01-252023-06-13
4881[Yahoo Bug Bounty] Unauthorized Access to Unisphere Management Server Debugging Facility on https://bf1-uaddbcx-002.data.bf1.yahoo.com/Debug/ Authorization flaw Yahoo! / Verizon Media Peerzada Fawaz Ahmad Qureshi Bug Bounty2018-01-252023-06-13
4880Full Account Takeover through CORS with connection Sockets CORS misconfiguration Account takeover NA Samuel (@saamux) Bug Bounty2018-01-252023-06-13
4879Here’s how I could’ve ridden for free with Uber Logic flaw Uber Anand Prakash (@anandpraka_sh) Bug Bounty2018-01-262023-06-13
4878JSON CSRF attack on a Social Networking Site[Hackerone Platform] CSRF Badoo Sahil Tikoo (@viperbluff) Bug Bounty2018-01-262023-06-13
4877How I got 22000$ worth ethereum Blind XSS NA Shubham Gupta (@hackerspider1) Bug Bounty2018-01-262023-06-13
4876How I was able to Download Any file from Web server! XSS IDOR NA hammadhassan924 Bug Bounty2018-01-272023-06-13
4875Getting access to prompt debug dialog and serialized tool on main website facebook.com Information disclosure Debug mode enabled Meta / Facebook Omar Espino (@omespino) Bug Bounty2018-01-312023-06-13
4874How I was able to Bypass XSS Protection on HackerOne’s Private Program XSS NA Jay Jani (@JayJani007) Bug Bounty2018-02-022023-06-13
4873Internal IPs disclosure Information disclosure Nokia Omar Espino (@omespino) Bug Bounty2018-02-022023-06-13
4872Hunting Insecure Direct Object Reference Vulnerabilities for Fun and Profit (PART-1) IDOR NA Mohammed Abdul Raheem (@mohdaltaf163) Bug Bounty2018-02-032023-06-13
4871#BugBounty — "I don%27t need your current password to login into your account" - How could I completely takeover any user%27s account in an online classified ads company. Authentication bypass NA Avinash Jain (@logicbomb_1) Bug Bounty2018-02-032023-06-13
4870Facebook mailto injection leads to social engineering & spam attack Mailto injection Meta / Facebook Rahul Kankrale (@RahulKankrale) Bug Bounty2018-02-032023-06-13
4869How I found IDOR on Twitter’s Acquisition – Mopub.com IDOR Twitter Jay Jani (@JayJani007) Bug Bounty2018-02-052023-06-13
4868SQL injection with load file and into outfile SQL injection NA NoGe (@p4c3n0g3) Bug Bounty2018-02-052023-06-13
4867How I gained access to Sony’s database Path traversal Sony Rahul R Bug Bounty2018-02-062023-06-13
4866Bug bounty left over (and rant) Part III (Google and Twitter) OAuth Authentication flaw Information disclosure Google Twitter Antonio Sanso (@asanso) Bug Bounty2018-02-062023-06-13
4865Taking over Facebook accounts using Free Basics partner portal Information disclosure IDOR Meta / Facebook Josip Franjkovic (@josipfranjkovic) Bug Bounty2018-02-072023-06-13