| 4249 | Privilege escalation on private program. |
Privilege escalation
Information disclosure |
NA |
Imran Parray (@imranparray101) |
Bug Bounty | 2019-03-14 | 2023-06-13 |
| 4248 | How I was able to pwned 30000+ user’s webhook |
IDOR |
NA |
gujjuboy10x00 (@vis_hacker) |
Bug Bounty | 2019-03-14 | 2023-06-13 |
| 4247 | Target Finds Cross-Site Scripting in Microsoft SharePoint |
XSS |
Microsoft |
Target |
Bug Bounty | 2019-03-15 | 2023-06-13 |
| 4241 | Facebook Fizz integer overflow vulnerability (CVE-2019-3560) |
Integer overflow
Memory corruption |
Meta / Facebook |
Kevin Backhouse (@kevin_backhouse) |
Bug Bounty | 2019-03-19 | 2023-06-13 |
| 4240 | Slack announcement-only channel post restriction bypass |
Authorization flaw
Logic flaw |
Slack |
Rodney Beede |
Bug Bounty | 2019-03-20 | 2023-06-13 |
| 4238 | How to hunt for Malvertising ads on Android |
Android |
NA |
Kyle (@B3nac) |
Bug Bounty | 2019-03-21 | 2023-06-13 |
| 4237 | Google Books X-Hacking |
XS-Search |
Google |
Terjanq (@terjanq) |
Bug Bounty | 2019-03-21 | 2023-06-13 |
| 4230 | How I was able to turn self xss into reflected xss |
Reflected XSS |
NA |
Hein Thant Zin (@H3Lowr) |
Bug Bounty | 2019-03-31 | 2023-06-13 |
| 4228 | Comma is forbidden! No worries!! Inject in insert/update queries without it |
SQL injection |
NA |
Ahmed Sultan (@0x4148) |
Bug Bounty | 2019-03-31 | 2023-06-13 |
| 4225 | FileZilla Untrusted Search Path |
RCE |
FileZilla (EU-FOSSA 2) |
Chris Lyne (@lynerc) |
Bug Bounty | 2019-04-02 | 2023-06-13 |
| 4218 | Same-Origin Policy: From birth until today |
SOP bypass
Browser hacking
CSRF
CORS |
Mozilla
Google (Chrome)
Opera |
Alex Nikolova (@AaylaSecura1138) |
Bug Bounty | 2019-04-04 | 2023-06-13 |
| 4213 | How I got a trip to amsterdam through bug bounty |
Bruteforce |
NA |
Ninad Mathpati (@ninad_mathpati) |
Bug Bounty | 2019-04-07 | 2023-06-13 |
| 4207 | Account Takeover by chaining two vulnerabilities. |
CSRF
Open redirect
Account takeover |
NA |
Sheraz Khalid |
Bug Bounty | 2019-04-10 | 2023-06-13 |
| 4206 | Unauthenticated Account Takeover Through HTTP Leak |
HTML injection
HTTP Leak
Account takeover |
NA |
Nikhil (niks) (@niksthehacker) |
Bug Bounty | 2019-04-11 | 2023-06-13 |
| 4205 | [RCE] Remote code execution at api.PrivateProgram.com (CVE-2017-5638) |
RCE |
NA |
Mohamed Haron (@m7mdharon) |
Bug Bounty | 2019-04-12 | 2023-06-13 |
| 4204 | Web Cache Deception to API endpoint attack using cached token header |
Web cache deception |
NA |
Kunal pandey (@kunalp94) |
Bug Bounty | 2019-04-13 | 2023-06-13 |
| 4200 | How I hacked Vending Machine |
Violation of secure design principles |
NA |
Valeriy Shevchenko (@Krevetk0Valeriy) |
Bug Bounty | 2019-04-15 | 2023-06-13 |
| 4198 | How i found credential enriched redis dump |
File disclosure
Information disclosure |
NA |
Ashish Kunwar (@D0rkerDevil) |
Bug Bounty | 2019-04-16 | 2023-06-13 |
| 4197 | A $5000 IDOR… |
IDOR |
NA |
Mr.Hacker (@mr_hacker0007) |
Bug Bounty | 2019-04-16 | 2023-06-13 |
| 4196 | Banner Grabbing to DoS and Memory Corruption |
DoS
Information disclosure |
NA |
Daniel V. (@d4niel_v) |
Bug Bounty | 2019-04-16 | 2023-06-13 |
| 4195 | Code execution - Evernote |
RCE
Path traversal |
Evernote |
Dhiraj (@mishradhiraj_) |
Bug Bounty | 2019-04-17 | 2023-06-13 |
| 4194 | PDFReacter SSRF to ROOT Level Local File Read which led to RCE |
SSRF
RCE |
NA |
Armaan Pathan (@armaancrockroax) |
Bug Bounty | 2019-04-18 | 2023-06-13 |
| 4193 | Scary Tickets😨 |
Ticket Trick |
NA |
Rojan Rijal (@uraniumhacker) |
Bug Bounty | 2019-04-19 | 2023-06-13 |
| 4191 | Twitter - protected tweets exposure |
Information disclosure |
Twitter |
Terjanq (@terjanq) |
Bug Bounty | 2019-04-19 | 2023-06-13 |
| 4190 | [CONFIRMATION BYPASS ] |
Email verification bypass
Information disclosure |
NA |
Navneet (@na5n33t) |
Bug Bounty | 2019-04-21 | 2023-06-13 |
