Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 4838 | Getting any Facebook user's friend list and partial payment card details | Information disclosure, IDOR | Meta / Facebook | Josip Franjkovic (@josipfranjkovic) | Bug Bounty | 2018-03-09 | 2023-06-13 |
| 4837 | How I hacked 74k users of a website. | Authorization flaw | NA | Utkarsh Agrawal (@agrawalsmart7) | Bug Bounty | 2018-03-11 | 2023-06-13 |
| 4836 | Union Based Sql injection Write up ->A private Company Site | SQL injection | NA | Nur A Alam Dipu (@Dipu1A) | Bug Bounty | 2018-03-12 | 2023-06-13 |
| 4835 | #BugBounty — “Let me reset your password and login into your account “-How I was able to Compromise any User Account via Reset Password Functionality | Logic flaw, Password reset, Account takeover | NA | Avinash Jain (@logicbomb_1) | Bug Bounty | 2018-03-14 | 2023-06-13 |
| 4834 | GraphQL abuse: Bypass account level permissions through parameter smuggling | GraphQL, Privilege escalation | New Relic | Jon Bottarini (@jon_bottarini) | Bug Bounty | 2018-03-14 | 2023-06-13 |
| 4833 | CVE-2017-13253: Buffer overflow in multiple Android DRM services | Memory corruption, Local Privilege Escalation | Google | Tamir Zahavi-Brunner (@tamir_zb) | Bug Bounty | 2018-03-15 | 2023-06-13 |
| 4832 | Leaking WordPress CSRF Tokens for Fun, $1337 bounty, and CVE-2017-5489 | CSRF | WordPress | Abdullah Hussam (@Abdulahhusam) | Bug Bounty | 2018-03-15 | 2023-06-13 |
| 4831 | Google adwords 3133.7$ Stored XSS | Stored XSS | Google | Emad Shanab (@Alra3ees) | Bug Bounty | 2018-03-21 | 2023-06-13 |
| 4830 | Hacking Oracle in 5 Minutes | Directory listing | Oracle | Rahul R | Bug Bounty | 2018-03-25 | 2023-06-13 |
| 4829 | #BugBounty — Rewarded by securing vulnerabilities in Bookmyshow (India’s largest online movie & event booking portal) | Host header injection, IDOR | BookMyShow | Avinash Jain (@logicbomb_1) | Bug Bounty | 2018-03-25 | 2023-06-13 |
| 4828 | Misconfiguration of Demographics Privacy in a Page | Logic flaw | Meta / Facebook | Mark Christian Deduyo | Bug Bounty | 2018-03-26 | 2023-06-13 |
| 4827 | Reflected XSS Moogaloop SWF ( Version < 6.2.x ) | Flash XSS, Reflected XSS | Vimeo | Mohamed Haron (@m7mdharon) | Bug Bounty | 2018-03-26 | 2023-06-13 |
| 4826 | Google bug bounty for security exploit that influences search results | Logic flaw | Google | Tom Anthony (@TomAnthonySEO) | Bug Bounty | 2018-03-27 | 2023-06-13 |
| 4825 | Creating Test Conversion using any App | Parameter tampering | Meta / Facebook | Joshua Regio | Bug Bounty | 2018-03-27 | 2023-06-13 |
| 4824 | How I Could Have Promoted Any Facebook Page For Free. | Logic flaw | Meta / Facebook | Anees Khan (@AneesEthical) | Bug Bounty | 2018-03-30 | 2023-06-13 |
| 4823 | How I hacked one cryptocurrency service | Blind XSS, Reflected XSS, CSRF | PayKassa | Valeriy Shevchenko (@Krevetk0Valeriy) | Bug Bounty | 2018-03-31 | 2023-06-13 |
| 4822 | XSS In sports.tw.campaign.yahoo.net | Reflected XSS | Yahoo! / Verizon Media | Mohamed Haron (@m7mdharon) | Bug Bounty | 2018-03-31 | 2023-06-13 |
| 4821 | XSS in Yahoo Subdomain | Flash XSS | Yahoo! / Verizon Media | Mohamed Haron (@m7mdharon) | Bug Bounty | 2018-03-31 | 2023-06-13 |
| 4820 | My Best Small Report Bounty Report in Private Program ( Django REST framework Admin Login ByPass ) | SQL injection, Authentication bypass, Account takeover | NA | Mohamed Haron (@m7mdharon) | Bug Bounty | 2018-04-01 | 2023-06-13 |
| 4819 | Facebook BugBounty: Intercept incoming friend requests of Victim add/accept to your facebook account | Authorization flaw | Meta / Facebook | Family guy | Bug Bounty | 2018-04-02 | 2023-06-13 |
| 4818 | Beyond XSS: Edge Side Include Injection | ESI injection, SSRF, XSS | Squid, Varnish | Louis Dion-Marcil (@ldionmarcil) | Bug Bounty | 2018-04-03 | 2023-06-13 |
| 4817 | How I caught Multiple vulnerabilities in Udemy.com, But not rewarded for serious XSS vulnerability :( | XSS, HTML injection | Udemy | Satyendra Shrivastava | Bug Bounty | 2018-04-05 | 2023-06-13 |
| 4816 | #BugBounty — ” Your details are saved into my account”-User info disclosure Vulnerability in Practo (India’s biggest healthcare app) | IDOR | NA | Avinash Jain (@logicbomb_1) | Bug Bounty | 2018-04-05 | 2023-06-13 |
| 4815 | Link injection on 2 Twitter Subdomain | Hyperlink injection | Twitter | Mohamed Haron (@m7mdharon) | Bug Bounty | 2018-04-05 | 2023-06-13 |
| 4814 | “Exploiting a Single Parameter” | SSRF, XSS | NA | Hisham Mir (@Hishammir1) | Bug Bounty | 2018-04-06 | 2023-06-13 |