Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
3868NFC Beaming Bypasses Security Controls in Android [CVE-2019-2114] NFC Android Google Nightwatch Cybersecurity (@nightwatchcyber) Bug Bounty2019-10-242023-06-13
3862Android Reddit App leaks images Information disclosure Reddit Eric Urban Bug Bounty2019-10-292023-06-13
3855Live Video facebook application (Android) its not expired when log out the device on https://www.facebook.com/settings?tab=security&section=sessions&view Logic flaw Meta / Facebook Naufal Septiadi Bug Bounty2019-10-302023-06-13
3805XSS Stored On [ Outlook Web — Outlook Android App ] Stored XSS Microsoft ElMahdi Mrhassel (@ElMrhassel) Bug Bounty2019-11-282023-06-13
3768Full Account Takeover (Android Application) Information disclosure Account takeover NA Vishal Bharad Bug Bounty2019-12-212023-06-13
3689Exploiting Insecure Firebase Database! Insecure Firebase database Android NA Muhammad Khizer Javed (@khizer_javed47) Bug Bounty2020-02-042023-06-13
3656Hacking SMS API Service Provider of a Company |Android App Static Security Analysis | Bug Bounty POC Information disclosure Hardcoded credentials NA Muhammad Khizer Javed (@khizer_javed47) Bug Bounty2020-02-192023-06-13
3518Indirect UXSS issue on a private Android target app Universal XSS NA Kunal pandey (@kunalp94) Bug Bounty2020-04-292023-06-13
3446XSS Stored On Messages In [ Outlook Web — Outlook Android App ] Stored XSS Microsoft ElMahdi Mrhassel (@ElMrhassel) Bug Bounty2020-05-282023-06-13
3357API Endpoint leads to Account Takeover In Android Application Exposed token generation endpoint Information disclosure NA Adesh Nandkishor kolte (@AdeshKolte) Bug Bounty2020-06-282023-06-13
3321From N/A to Resolved For BackBlaze Android App[Hackerone Platform] Bucket Takeover Hardcoded credentials Information disclosure BackBlaze Sahil Tikoo (@viperbluff) Bug Bounty2020-07-092023-06-13
3320Global grant uri in Android 8.0-9.0 (2018 year) Authorization flaw Google Dzmitry Lukyanenka (@vulnano) Bug Bounty2020-07-092023-06-13
3298Android pin bypass with rate limiting Lack of rate limiting Authentication bypass NA Baluz (@t3chman) Bug Bounty2020-07-182023-06-13
3297Creative Android pin bypass with Race conditon Race condition Authentication bypass NA Baluz (@t3chman) Bug Bounty2020-07-182023-06-13
3285Hunting Android Application Bugs Using Android Studio. Authorization flaw Client-side enforcement of server-side security Information disclosure NA Tarek Mohammed (@Conan0x3) Bug Bounty2020-07-242023-06-13
3241Smear phishing: a new Android vulnerability Phishing Android Google Jim Fisher (@MrJamesFisher) Bug Bounty2020-08-062023-06-13
3220Improper Implementation of My Status video time limit in WhatsApp Logic flaw Privacy issue Android Meta / Facebook Vishal Ranjan Bug Bounty2020-08-142023-06-13
3214Disclosing wifi password via content provider injection in Xiaomi Content provider injection Vulnerable Android content provider Android Xiaomi Vishwaraj Bhattrai (@vishwaraj101) Bug Bounty2020-08-162023-06-13
3185Oversecured automatically discovers persistent code execution in the Google Play Core Library Arbitrary Code Execution Android Google Oversecured (@OversecuredInc) Bug Bounty2020-08-282023-06-13
3170From Android Static Analysis to RCE on Prod RCE Directory listing Missing authentication NA Aditya Dixit (@zombie007o) Bug Bounty2020-09-072023-06-13
3165Universal XSS in Android WebView (CVE-2020-6506) Universal XSS Google Microsoft Twitter Alesandro Ortiz (@AlesandroOrtizR) Bug Bounty2020-09-102023-06-13
3159Firefox for Android: LAN Based Intent Triggering Insecure intent Android Mozilla initstring (@init_string) Bug Bounty2020-09-152023-06-13
3122Arbitrary code execution on Facebook for Android through download feature Arbitrary code execution Meta / Facebook Sayed Abdelhafiz (@dPhoeniixx) Bug Bounty2020-10-022023-06-13
3090Multiple Address Bar Spoofing Vulnerabilities In Mobile Browsers Authentication bypass JWT Android NHS COVID-19 App James Sanderson (@zofrex) Bug Bounty2020-10-202023-06-13
3067Ability To Backdoor Facebook For Android Insecure deeplink Android Meta / Facebook Ashley King (@AshleyKingUK) Bug Bounty2020-10-302023-06-13