Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4951Abusing new Claps feature in Medium IDOR Medium Sai Krishna Kothapalli (@kmskrishna) Bug Bounty2017-10-292023-06-13
4937How I Pwned a company using IDOR & Blind XSS IDOR Blind XSS NA Osama Ansari (@AnsariOsama10) Bug Bounty2017-11-152023-06-13
4924Image removal vulnerability in Facebook polling feature IDOR Meta / Facebook Pouya Darabi (@Pouyadarabi) Bug Bounty2017-11-252023-06-13
4904Abusing internal API to achieve IDOR in New Relic IDOR New Relic Jon Bottarini (@jon_bottarini) Bug Bounty2018-01-022023-06-13
4900Hunting Insecure Direct Object Reference Vulnerabilities for Fun and Profit (PART-1) IDOR NA Mohammed Abdul Raheem (@mohdaltaf163) Bug Bounty2018-01-042023-06-13
4898#BugBounty — How I was able to read chat of users in an Online travel portal IDOR NA Avinash Jain (@logicbomb_1) Bug Bounty2018-01-102023-06-13
4876How I was able to Download Any file from Web server! XSS IDOR NA hammadhassan924 Bug Bounty2018-01-272023-06-13
4872Hunting Insecure Direct Object Reference Vulnerabilities for Fun and Profit (PART-1) IDOR NA Mohammed Abdul Raheem (@mohdaltaf163) Bug Bounty2018-02-032023-06-13
4869How I found IDOR on Twitter’s Acquisition – Mopub.com IDOR Twitter Jay Jani (@JayJani007) Bug Bounty2018-02-052023-06-13
4865Taking over Facebook accounts using Free Basics partner portal Information disclosure IDOR Meta / Facebook Josip Franjkovic (@josipfranjkovic) Bug Bounty2018-02-072023-06-13
4851Modifying any Ad Space and Placement IDOR Meta / Facebook Joshua Regio Bug Bounty2018-02-222023-06-13
4848How I was able to delete any image in Facebook community question forum IDOR Meta / Facebook Sarmad Hassan (@JubaBaghdad) Bug Bounty2018-02-242023-06-13
4838Getting any Facebook user%27s friend list and partial payment card details Information disclosure IDOR Meta / Facebook Josip Franjkovic (@josipfranjkovic) Bug Bounty2018-03-092023-06-13
4829#BugBounty — Rewarded by securing vulnerabilities in Bookmyshow (India’s largest online movie & event booking portal) Host header injection IDOR BookMyShow Avinash Jain (@logicbomb_1) Bug Bounty2018-03-252023-06-13
4816#BugBounty — ” Your details are saved into my account”-User info disclosure Vulnerability in Practo (India’s biggest healthcare app) IDOR NA Avinash Jain (@logicbomb_1) Bug Bounty2018-04-052023-06-13
4805How I hacked companies related to the crypto currency and earned $60,000 Authorization flaw CSRF IDOR Stored XSS HTML injection okex.com livecoin.net Max (@0xw2w) Bug Bounty2018-04-142023-06-13
4800Spoof an user to create a description of a group in Flickr IDOR Flickr Samuel (@saamux) Bug Bounty2018-04-162023-06-13
4797IDOR (at Private Bug Bounty Program) that could Leads to Personal Data Leaks IDOR NA YoKo Kho (@YokoAcc) Bug Bounty2018-04-172023-06-13
4796How I Get the Name of the Hotel (and other Data) that you ever Stay - Personal Data Leaks: Private Bug Bounty Program IDOR NA YoKo Kho (@YokoAcc) Bug Bounty2018-04-182023-06-13
4795Ribose — IDOR with Simple CSRF Bypass — Unrestricted Changes and Deletion to other Photo Profile IDOR Ribose YoKo Kho (@YokoAcc) Bug Bounty2018-04-182023-06-13
4782Bypassing the Confirmation Email for Newsletter (bof.nl) Authorization flaw IDOR Bits of Freedom Mohammed Israil (@mdisrail2468) Bug Bounty2018-04-262023-06-13
4775Disclose Private Video Thumbnail from Facebook WorkPlace IDOR Meta / Facebook Sarmad Hassan (@JubaBaghdad) Bug Bounty2018-05-032023-06-13
4763How i HACKED admin account via password reset IDOR function of one private currency exchanger site IDOR Account takeover Password reset NA Aayush Pokhrel (@aayushpok) Bug Bounty2018-05-192023-06-13
4755#BugBounty — "How I was able to hack any user account via password reset?" IDOR Account takeover Password reset NA Bikash Gupta (@BgxDoc) Bug Bounty2018-05-232023-06-13
4754How I was able to see any private album passwrod in Picturepush — IDOR IDOR PicturePush Murtada Kamil Bug Bounty2018-05-232023-06-13