Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4737Zero to Account Takeover: How I Impersonated’ Someone Else Using Auth0 Logic flaw Auth0 Daniel Svartman Bug Bounty2018-06-052023-06-13
4729Full account Takeover via reset password function IDOR Account takeover Password reset NA Khaled Hassan Bug Bounty2018-06-122023-06-13
4721[Responsible disclosure] How I could have booked movie tickets through other user accounts Password reset Account takeover Bruteforce OTP bypass AGS Cinemas Bharathvaj Ganesan Bug Bounty2018-06-182023-06-13
4712Account Take over via reset password Password reset Account takeover NA Yasser Gersy (@yassergersy) Bug Bounty2018-06-252023-06-13
4710How re-signing up for an account lead to account takeover Logic flaw Account takeover NA Zseano (@zseano) Bug Bounty2018-06-262023-06-13
4705Chaining Multiple Vulnerabilities to Gain Admin Access IDOR Account takeover NA Ben Sadeghipour (@nahamsec) Bug Bounty2018-07-022023-06-13
4699#BugBounty - Compromising User Account- "How I was able to compromise user account via HTTP Parameter Pollution(HPP)" HTTP parameter pollution Password reset Account takeover NA Avinash Jain (@logicbomb_1) Bug Bounty2018-07-072023-06-13
4690Hacking thousands of companies through their helpdesk Account takeover DoS Logic flaw NA Khaled Hassan Bug Bounty2018-07-172023-06-13
4651From data leak to account takeover Account takeover Information disclosure Password reset NA Antony Garand (@AntoGarand) Bug Bounty2018-08-072023-06-13
4649My First Critical Report Password reset Account takeover NA Miguel Corral (@mcorral74) Bug Bounty2018-08-082023-06-13
4634IDOR leads to account takeover IDOR NA s0cket7 (@s0cket7) Bug Bounty2018-08-162023-06-13
4606Simple Login Brute Force / Current Password Requirement Bypass IDOR Account takeover Bruteforce NA Mandeep Jadon (@1337tr0lls) Bug Bounty2018-09-072023-06-13
4584IDOR User Account Takeover By Connecting My Facebook Account with victims Account IDOR Meta / Facebook Muhammad Khizer Javed (@khizer_javed47) Bug Bounty2018-09-162023-06-13
4583User Account takeover in India’s largest digital business company Account takeover OTP bypass NA Minali Arora (@AroraMinali) Bug Bounty2018-09-162023-06-13
4572R-XSS -> CSRF bypass to account takeover/ Reflected XSS CSRF NA Nirmal Dahal (@TheNittam) Bug Bounty2018-09-212023-06-13
4522A possibility of Account Takeover in Medium Account takeover Logic flaw Medium Prashant Kumar (@notsoshant) Bug Bounty2018-10-202023-06-13
4513CSRF account takeover Explained Automated/Manual — Bug Bounty CSRF Account takeover OpenMenu Vulnerables Bug Bounty2018-10-262023-06-13
4503It’s all in the detail: Email leak & Account takeover thanks to WayBackMachine & extensive knowledge about the program Information disclosure Authentication bypass Account takeover NA Zseano (@zseano) Bug Bounty2018-10-302023-06-13
4500P1 Like a Boss | Information Disclosure via Github leads to Employee Account Takeover | Bug Bounty POC Information disclosure NA Muhammad Khizer Javed (@khizer_javed47) Bug Bounty2018-11-012023-06-13
4495Full Account Takeover via Referer Header (OAuth token Steal, Open Redirect Vulnerability Chaining) Open redirect Token leak Account takeover NA Muhammad Asim Shahzad (@protector47) Bug Bounty2018-11-032023-06-13
4493Duplicate but still cool IDOR Account takeover NA Plenum (@plenumlab) Bug Bounty2018-11-052023-06-13
4471HackenProof Customer Story: Uklon XSS IDOR Blind XSS Account takeover Uklon HackenProof (@hackenproof) Bug Bounty2018-11-162023-06-13
4441Love Story Of A Account Takeover (Chaining Host Header Injection To Takeover Someones Account) Host header injection NA Logical Bimboo Bug Bounty2018-11-302023-06-13
4425Token Brute-Force to Account Take-over to Privilege Escalation to Organization Take-Over Account takeover Privilege escalation Bruteforce NA Plenum (@plenumlab) Bug Bounty2018-12-102023-06-13
4422Microsoft Account Takeover Vulnerability Affecting 400 Million Users Subdomain takeover OAuth Meta / Facebook Aviva Zacks Bug Bounty2018-12-112023-06-13