| 5274 | SQL injections in Nokia sites. |
SQL injection |
Nokia |
Josip Franjkovic (@josipfranjkovic) |
Bug Bounty | 2013-07-30 | 2023-06-13 |
| 5273 | Multiple Open URL Redirection Vulnerability on Facebook worth $1500 |
Open redirect |
Meta / Facebook |
Arul Kumar (@ArulVaiyapuri) |
Bug Bounty | 2022-08-05 | 2023-06-13 |
| 5272 | Delete any Photo from Facebook by Exploiting Support Dashboard - $12,500 Bug |
IDOR |
Meta / Facebook |
Arul Kumar (@ArulVaiyapuri) |
Bug Bounty | 2013-09-01 | 2023-06-13 |
| 5271 | Removing Covers Images on Friendship Pages, on Facebook |
Authorization flaw |
Meta / Facebook |
Jack Whitton (@fin1te) |
Bug Bounty | 2013-09-25 | 2023-06-13 |
| 5270 | PayPal Bug Bounty: PayPaltech.com E-Mail Injection |
Email injection |
Paypal |
Julien Ahrens (@MrTuxracer) |
Bug Bounty | 2013-09-26 | 2023-06-13 |
| 5269 | Facebook CSRF leading to full account takeover (fixed) |
CSRF
Account takeover |
Meta / Facebook |
Josip Franjkovic (@josipfranjkovic) |
Bug Bounty | 2013-10-18 | 2023-06-13 |
| 5268 | Content Types and XSS: Facebook Studio |
XSS |
Meta / Facebook |
Jack Whitton (@fin1te) |
Bug Bounty | 2013-10-21 | 2023-06-13 |
| 5267 | Facebook bug bounty: secondary damage (one report that leads to more bugs), fairness, and why I really like reporting to Facebook |
CSRF |
Meta / Facebook |
Josip Franjkovic (@josipfranjkovic) |
Bug Bounty | 2013-10-21 | 2023-06-13 |
| 5266 | LFI in Nokia maps |
LFI |
Nokia |
Shashank (@cyberboyIndia) |
Bug Bounty | 2013-10-22 | 2023-06-13 |
| 5265 | Nokia email app pwnage |
XSS |
Nokia |
Shashank (@cyberboyIndia) |
Bug Bounty | 2013-10-22 | 2023-06-13 |
| 5264 | Instagram%27s One-Click Privacy Switch |
CSRF |
Meta / Facebook |
Jack Whitton (@fin1te) |
Bug Bounty | 2013-10-31 | 2023-06-13 |
| 5263 | Oracle xss |
XSS |
Oracle |
Shashank (@cyberboyIndia) |
Bug Bounty | 2013-11-17 | 2023-06-13 |
| 5261 | Heroku Directory Transversal |
Path traversal |
Heroku |
Shashank (@cyberboyIndia) |
Bug Bounty | 2013-12-03 | 2023-06-13 |
| 5260 | Abusing CORS for an XSS on Flickr |
XSS |
Flickr |
Jack Whitton (@fin1te) |
Bug Bounty | 2013-12-12 | 2023-06-13 |
| 5259 | Flickr XSS (Stored / DOM XSS) |
XSS |
Flickr |
Matt Austin (@mattaustin) |
Bug Bounty | 2013-12-18 | 2023-06-13 |
| 5258 | Imgur xss |
XSS |
Imgur |
Shashank (@cyberboyIndia) |
Bug Bounty | 2013-12-19 | 2023-06-13 |
| 5257 | Waze arbitrary file upload |
Unrestricted file upload
XSS |
Google (Waze) |
Shashank (@cyberboyIndia) |
Bug Bounty | 2013-12-25 | 2023-06-13 |
| 5256 | Google Sites: A Tale of Five Vulnerabilities |
XSS
LFI
HTML injection |
Google |
Bitquark (@bitquark) |
Bug Bounty | 2013-12-30 | 2023-06-13 |
| 5255 | How I hacked Github again. |
Open redirect
Account takeover
Information disclosure |
GitHub |
Egor Homakov (@homakov) |
Bug Bounty | 2014-02-07 | 2023-06-13 |
| 5254 | How I was able to track the location of any Tinder user. |
Information disclosure |
Tinder |
Max Veytsman (@mveytsman) |
Bug Bounty | 2014-02-19 | 2023-06-13 |
| 5253 | GitHub RCE Writeup |
RCE |
GitHub |
joernchen (@joernchen) |
Bug Bounty | 2014-02-22 | 2023-06-13 |
| 5252 | Tesla Motors blind SQL injection |
SQL injection |
Tesla |
Bitquark (@bitquark) |
Bug Bounty | 2014-02-23 | 2023-06-13 |
| 5251 | Google Exploit – Steal Account Login Email Addresses |
Information disclosure |
Google |
Tom Anthony (@TomAnthonySEO) |
Bug Bounty | 2014-03-08 | 2023-06-13 |
| 5250 | Facebook – Send Notifications to any User Exploit |
Logic flaw |
Meta / Facebook |
Brett Buerhaus (@bbuerhaus) |
Bug Bounty | 2014-04-07 | 2023-06-13 |
| 5249 | A Tale of 7 Vulnerabilities |
Stored XSS
Reflected XSS
Default credentials
Privilege escalation |
Paypal |
Patrik Fehrenbach (@ITSecurityguard) |
Bug Bounty | 2014-04-20 | 2023-06-13 |
