Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
5031Stealing Access Token of One-drive Integration By Chaining CSRF Vulnerability OAuth CSRF NA Arbaz Hussain (@ArbazKiraak) Bug Bounty2017-07-182023-06-13
5028That Escalated Quickly : From partial CSRF to reflected XSS to complete CSRF to Stored XSS CSRF Reflected XSS Stored XSS NA Mandeep Jadon (@1337tr0lls) Bug Bounty2017-07-192023-06-13
5006Chain the vulnerabilities and take your report impact on the moon (CSRF to HTML INJECTION which results OPEN REDIRECT and could steal USER CREDENTIALS) CSRF HTML injection Legal Robot Armaan Pathan (@armaancrockroax) Bug Bounty2017-08-122023-06-13
4995Luminate Store Basics defacement and potential takeover CSRF Session management issue Yahoo! / Verizon Media Rojan Rijal (@uraniumhacker) Bug Bounty2017-08-302023-06-13
4960Leaking Amazon.com CSRF Tokens Using Service Worker API CSRF Amazon Abdullah Hussam (@Abdulahhusam) Bug Bounty2017-10-112023-06-13
4935Bypassing Crossdomain Policy and Hit Hundreds of Top Alexa Sites CSRF NA Ak1T4 (@akita_zen) Bug Bounty2017-11-162023-06-13
4930Account Take Over Vulnerability in Google acquisition [Famebit] CSRF Google Hassan Khan Yusufzai Bug Bounty2017-11-172023-06-13
4896#BugBounty — How I was able to delete anyone’s account in an Online Car Rental Company CSRF Parameter tampering NA Avinash Jain (@logicbomb_1) Bug Bounty2018-01-142023-06-13
4895Hacking Facebook accounts using CSRF in Oculus-Facebook integration CSRF Meta / Facebook Josip Franjkovic (@josipfranjkovic) Bug Bounty2018-01-152023-06-13
4891$1800 in less than an hour. CSRF XSS Indeed yappare (@yappare) Bug Bounty2018-01-172023-06-13
4878JSON CSRF attack on a Social Networking Site[Hackerone Platform] CSRF Badoo Sahil Tikoo (@viperbluff) Bug Bounty2018-01-262023-06-13
4832Leaking WordPress CSRF Tokens for Fun, $1337 bounty, and CVE-2017-5489 CSRF WordPress Abdullah Hussam (@Abdulahhusam) Bug Bounty2018-03-152023-06-13
4823How I hacked one cryptocurrency service Blind XSS Reflected XSS CSRF PayKassa Valeriy Shevchenko (@Krevetk0Valeriy) Bug Bounty2018-03-312023-06-13
4805How I hacked companies related to the crypto currency and earned $60,000 Authorization flaw CSRF IDOR Stored XSS HTML injection okex.com livecoin.net Max (@0xw2w) Bug Bounty2018-04-142023-06-13
4795Ribose — IDOR with Simple CSRF Bypass — Unrestricted Changes and Deletion to other Photo Profile IDOR Ribose YoKo Kho (@YokoAcc) Bug Bounty2018-04-182023-06-13
4761Fastest Fix on Open Bug Bounty Platform XSS CSRF Kevag Telekom GmbH Wen Bin KONG (@kongwenbin) Bug Bounty2018-05-192023-06-13
4759Self-XSS + CSRF to Stored XSS Self-XSS CSRF Stored XSS NA Renwa (@RenwaX23) Bug Bounty2018-05-202023-06-13
4732[PayPal BBP] I could’ve deleted All SMC messages. Using Brute-Force technique. CSRF Paypal Ayoub Ait Elmokhtar (@aessadek) Bug Bounty2018-06-102023-06-13
4714Fastest Fix on Open Bug Bounty Platform Reflected XSS CSRF Kevag Telekom GmbH Wen Bin KONG (@kongwenbin) Bug Bounty2018-06-242023-06-13
4686How I was able to delete 13k+ Microsoft Translator projects CSRF IDOR Microsoft Haider Mahmood (@haiderinfosec) Bug Bounty2018-07-192023-06-13
4612Send request to Martians. Earthlings are already your friends. CSRF Google Sagar VD Bug Bounty2018-09-012023-06-13
4586How I hijacked your account when you opened my cat picture Logout CSRF NA Matti Bijnens (@MattiBijnens) Bug Bounty2018-09-142023-06-13
4572R-XSS -> CSRF bypass to account takeover/ Reflected XSS CSRF NA Nirmal Dahal (@TheNittam) Bug Bounty2018-09-212023-06-13
4557Collecting Shells by the Sea of NAS Vulnerabilities OS command injection XSS CSRF Lenovo Rick Ramgattie (@RRamgattie) Bug Bounty2018-10-012023-06-13
4550An interesting Google vulnerability that got me 3133.7 reward. CSRF Google Ebrahem Hegazy (@Zigoo0) Bug Bounty2018-10-042023-06-13