Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1359 | Authorization token leak from verify email endpoint | Account takeover, Information disclosure | NA | Vengeance | Bug Bounty | 2022-07-16 | 2023-06-13 |
| 1353 | A Story Of My First Bug Bounty | Information disclosure | NA | Raj Qureshi (@RajQureshi9) | Bug Bounty | 2022-07-17 | 2023-06-13 |
| 1352 | FFUF-ing RECON, or how to get to P1–P3 from a slightly different recon | vHost misconfiguration, 403 bypass, Information disclosure | NA | Vuk Ivanovic | Bug Bounty | 2022-07-17 | 2023-06-13 |
| 1346 | Authomize Discovers PassBleed Password Stealing and Impersonation Risks in Okta | Sensitive data sent over an unencrypted channel, Authorization flaw, Information disclosure | Okta | Authomize (@Authomize) | Bug Bounty | 2022-07-19 | 2023-06-13 |
| 1343 | Logging Passwords in Plaintext in Azure Arc | Information disclosure, Local Privilege Escalation, Cloud | Microsoft | Jimi Sebree (@DinoBytes) | Bug Bounty | 2022-07-19 | 2023-06-13 |
| 1330 | How I was able to Take over a support chat using leaked Keys | Information disclosure | NA | Pliskin | Bug Bounty | 2022-07-22 | 2023-06-13 |
| 1325 | $$$ bounty in less 3 minutes from a google dork | Information disclosure | NA | Steiner254 (@steiner254) | Bug Bounty | 2022-07-23 | 2023-06-13 |
| 1319 | With Management Comes Risk: Finding Flaws in FileWave MDM | Authentication bypass, Hardcoded credentials, Information disclosure | Filewave | Claroty's Team82 (@Claroty) | Bug Bounty | 2022-07-25 | 2023-06-13 |
| 1315 | Digging JS files to find BUGs | IDOR, Information disclosure | NA | Adnan Malik (@adnanmalikinfo) | Bug Bounty | 2022-07-25 | 2023-06-13 |
| 1282 | Elasticsearch A Easy Win For Bug Bounty Hunters \|\| How To Find and Report | Information disclosure | NA | Tamim Hasan (@tamimhasan404) | Bug Bounty | 2022-08-03 | 2023-06-13 |
| 1264 | From Shared Dash to Root Bash :: Pre-Authenticated RCE in VMWare vRealize Operations Manager | Authentication bypass, Information disclosure, Local Privilege Escalation | VMware | Steven Seeley (@steventseeley) | Bug Bounty | 2022-08-09 | 2023-06-13 |
| 1258 | 403 Forbidden Bypass Leading to Admin Endpoint Access. | 403 bypass, Information disclosure | NA | Christian Dray (@G0ds0nXY) | Bug Bounty | 2022-08-10 | 2023-06-13 |
| 1245 | IAM Whoever I Say IAM :: Infiltrating VMWare Workspace ONE Access Using a 0-Click Exploit | Authentication bypass, Information disclosure, CSRF, RCE, Local Privilege Escalation | VMware | Steven Seeley (@steventseeley) | Bug Bounty | 2022-08-11 | 2023-06-13 |
| 1230 | Story of 5000$ bounty for Grafana Panel Access in Apple | Missing authentication, Information disclosure | Apple | hckerl00 (@lokeshg62498939) | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1226 | Hacking Zyxel IP cameras to gain a root shell | Missing authentication, DoS, Information disclosure, Local Privilege Escalation | Zyxel | Eric Urban | Bug Bounty | 2022-08-14 | 2023-06-13 |
| 1220 | Salesforce bug hunting to Critical bug | Information disclosure, Salesforce | NA | Vuk Ivanovic | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1211 | Monitoring Linux host metrics with the Node Exporter information disclosure $350 | Information disclosure, Missing authentication | Slack | Dhamotharan (@Dhamu_offi) | Bug Bounty | 2022-08-16 | 2023-06-13 |
| 1199 | Account takeover worth $1000 | Account takeover, Authentication bypass, Information disclosure, Password reset | NA | Faique (@imfaiqu3) | Bug Bounty | 2022-08-19 | 2023-06-13 |
| 1193 | How a Port scan got me Nokia Hall of Fame | Missing authentication, Information disclosure | Nokia | Mani Sashank | Bug Bounty | 2022-08-22 | 2023-06-13 |
| 1189 | Patch bypass for [CVE-2020-6369] Hard-coded Credentials in CA Introscope Enterprise Manager | Hardcoded credentials, Information disclosure | SAP | Arpine Maghakyan | Bug Bounty | 2022-08-22 | 2023-06-13 |
| 1185 | [CVE-2020-2733] JD Edwards EnterpriseOne Tools admin password not adequately protected | Information disclosure | Oracle | Vahagn Vardanyan (@vah_13) | Bug Bounty | 2022-08-23 | 2023-06-13 |
| 1155 | My findings on Hack U.S Program | Missing authentication, .git folder disclosure, Information disclosure | U.S. Dept Of Defense | Charansai | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1154 | IDOR at Login function leads to leak user’s PII data | IDOR, Information disclosure | NA | Eslam Akl (@eslam3kll) | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1139 | The Database Handover \| A Dumb Mistake \| Critical BUG | Information disclosure | NA | Saransh Saraf (@mr23r0) | Bug Bounty | 2022-09-02 | 2023-06-13 |
| 1107 | Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED) | Hardcoded credentials, Memory corruption, MiTM, Information disclosure | Baxter Healthcare | Deral Heiland (@Percent_X) | Bug Bounty | 2022-09-08 | 2023-06-13 |