Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 669 | My First Bug In Bugcrowd Platform | Race condition | NA | EX_097 | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 668 | Cisco BroadWorks CommPilot Application Software Unauthenticated Server-Side Request Forgery (CVE-2022-20951) | SSRF, Security code review | Cisco | smaury (@smaury92) | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 667 | RCE on admin panel of web3 website | RCE, Components with known vulnerabilities | NA | T VAMSHI | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 666 | Zero Click To Account Takeover (IDOR + XSS) | IDOR, XSS, Account takeover | NA | Arman (@M7arm4n) | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 665 | Delete any Video or Reel on Facebook (11,250$) | IDOR | Meta / Facebook | Bassem Bazzoun (@bassemmbazzoun) | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 664 | 0 click Facebook Account Takeover and Two-Factor Authentication Bypass | Authentication bypass, GraphQL, Account takeover, Android, MFA bypass | Meta / Facebook | abdellah yaala (@yaalaab) | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 663 | Passwordless Persistence and Privilege Escalation in Azure | Privilege escalation, Cloud, Azure AD | Microsoft | Andy Robbins (@_wald0) | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 662 | How Race Condition helped me break Business Logic of the application | Race condition | NA | Inderjeet Singh (@3nc0d3dGuY) | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 661 | Multiple authenticated blind SQL Injections in Sage XRT Business Exchange application | Blind SQL injection | Sage | Mickaël Benassouli (@mickaelweb) | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 660 | Puckungfu: A NETGEAR WAN Command Injection | OS command injection, Security code review | Netgear | McCaulay Hudson (@_mccaulay) | Bug Bounty | 2022-12-22 | 2023-06-13 |
| 659 | ACSESSED: Cross-tenant network bypass in Azure Cognitive Search | Cloud, Cross-tenant vulnerability, Privilege escalation | Microsoft (Azure) | Emilien Socchi (@emiliensocchi) | Bug Bounty | 2022-12-22 | 2023-06-13 |
| 658 | ENLBufferPwn (CVE-2022-47949) | Buffer Overflow, Memory corruption, RCE | Nintendo | PabloMK7 (@Pablomf6) | Bug Bounty | 2022-12-22 | 2023-06-13 |
| 657 | $350 XSS in 15 minutes | DOM XSS, JSONP | NA | Anton (@therceman) | Bug Bounty | 2022-12-23 | 2023-06-13 |
| 656 | Microsoft bug reports lead to ranking on Microsoft MSRC Quarterly Leaderboard (Q3 2022) | XSS | Microsoft | Supakiad S. (@Supakiad_Mee) | Bug Bounty | 2022-12-23 | 2023-06-13 |
| 655 | CRLF Injection — xxx$ — How was it possible for me to earn a bounty with the Cloudflare WAF? | CRLF injection | NA | Proviesec (@proviesec) | Bug Bounty | 2022-12-24 | 2023-06-13 |
| 654 | Bypass Apple’s redirection process with the dot (“.”) character | Open redirect | Apple | can1337 (@canmustdie) | Bug Bounty | 2022-12-24 | 2023-06-13 |
| 652 | Unusual 403 Bypass to a full website takeover [External Pentest] | 403 bypass | NA | Viktor Mares | Bug Bounty | 2022-12-25 | 2023-06-13 |
| 651 | How I Pwned 10 Admin Panels and got rewarded 8000$+? | Information disclosure, Credential stuffing | NA | Inderjeet Singh (@3nc0d3dGuY) | Bug Bounty | 2022-12-25 | 2023-06-13 |
| 650 | Authentication Bypass in Nexus manager (version 3.37.3–02) | Components with known vulnerabilities, Authentication bypass, HTTP response manipulation | NA | SHARAN.K | Bug Bounty | 2022-12-26 | 2023-06-13 |
| 649 | Uncovering a Bug I Found in Outlook: How Could an Account Has Been Compromised? | XSS | Microsoft | Cem Onat Karagun | Bug Bounty | 2022-12-26 | 2023-06-13 |
| 648 | How I found multiple critical bugs in Red Bull | Authentication bypass, HTTP response manipulation, Path traversal, LFI, XSS, SQL injection, RCE, Unrestricted file upload, RFI, Security code review | Red Bull | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-12-26 | 2023-06-13 |
| 647 | Turning Google smart speakers into wiretaps for $100k | IoT, Wifi hacking | Google | Matt | Bug Bounty | 2022-12-26 | 2023-06-13 |
| 646 | The OWASSRF + TabShell exploit chain | SSRF, Path traversal, Sandbox escape | Microsoft | Rskvp93 (@rskvp93) | Bug Bounty | 2022-12-26 | 2023-06-13 |
| 645 | Stored XSS vulnerability in Microsoft booking | Stored XSS, CSP bypass | Microsoft | Mrtechghost | Bug Bounty | 2022-12-27 | 2023-06-13 |
| 644 | Hacking a .NET API in the real world | LFI | NA | Dana Epp (@DanaEpp) | Bug Bounty | 2022-12-27 | 2023-06-13 |