Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 2864 | $500 For No Rate Limit On Forgot Password Page | Lack of rate limiting, Password reset | NA | BBHC (@community_bug) | Bug Bounty | 2021-01-27 | 2023-06-13 |
| 2778 | Is Math.random() Safe? from missing rate limit to bypass 2fa and possible sqli | Race condition, Lack of rate limiting, OTP bypass, SQL injection | NA | Yasser Mohammed (@boomneroli) | Bug Bounty | 2021-02-20 | 2023-06-13 |
| 2699 | OTP brute-force via rate limit bypass | Bruteforce, Lack of rate limiting, OTP bypass | NA | Bilal Muqeet (@blmqt) | Bug Bounty | 2021-03-21 | 2023-06-13 |
| 2225 | 10 golden minutes for taking over a Chess.com account | Lack of rate limiting, Bruteforce, Session expiration issue | Chess.com | Seqrity (@seqrity9) | Bug Bounty | 2021-09-14 | 2023-06-13 |
| 2208 | Unlimited report user in Instagram (Facebook) leads to abuse risk. | Lack of rate limiting | Meta / Facebook | Mano Prasanth | Bug Bounty | 2021-09-20 | 2023-06-13 |
| 2085 | chaining improper authentication to idor and no rate limit for mass account takeover | Account takeover, Lack of rate limiting, CSRF, IDOR | NA | mohit (@mohit29295572) | Bug Bounty | 2021-11-12 | 2023-06-13 |
| 2024 | How I managed to hack User accounts of a billion-dollar sport platform | OTP bypass, Bruteforce, Lack of rate limiting | NA | Vishnuraj | Bug Bounty | 2021-12-04 | 2023-06-13 |
| 1973 | Massive Users Account Takeovers(Chaining Vulnerabilities to IDOR)😲 | Authentication bypass, IDOR, Lack of rate limiting | NA | Anurag__Verma | Bug Bounty | 2021-12-25 | 2023-06-13 |
| 1894 | How I was able to take over accounts in websites deal with Github as an SSO provider | Bruteforce, Lack of rate limiting, SSO, Email verification bypass, Account takeover | NA | Khaled Mohamed | Bug Bounty | 2022-01-25 | 2023-06-13 |
| 1871 | Missing rate-limiting. How I was able to add any unowned phone number to my Facebook account? (Bounty: 5000 USD) | OTP bruteforce, Lack of rate limiting | Meta / Facebook | Shubham Bhamare (@theshubh77) | Bug Bounty | 2022-01-31 | 2023-06-13 |
| 1863 | No Rate Limiting on OTP sending | Bruteforce, Lack of rate limiting | NA | nOOb_mAsTeR | Bug Bounty | 2022-02-02 | 2023-06-13 |
| 1843 | What I Found on Sony Vulnerability Disclosure Program | Information disclosure, Lack of rate limiting, Open redirect, IDOR, XSS | Sony | Aditya Singh / rook1337 (@imrook1337) | Bug Bounty | 2022-02-07 | 2023-06-13 |
| 1749 | Rate Limit Bypass at Readme.com | Lack of rate limiting, Password reset | Readme.com | Girishbo | Bug Bounty | 2022-03-11 | 2023-06-13 |
| 1586 | ATO without any interaction [aws cognito misconfiguration] | Account takeover, Lack of rate limiting | GitHub | Shreyaskoli (@SPY8OY) | Bug Bounty | 2022-04-30 | 2023-06-13 |
| 1442 | Exploiting vulnerabilities in iOS Application | IDOR, Bruteforce, Lack of rate limiting, Account takeover, iOS | NA | Raj Singh Chauhan (@raj_singh_ch) | Bug Bounty | 2022-06-22 | 2023-06-13 |
| 1391 | PII Disclosure of Apple Users ($10k) | IDOR, Lack of rate limiting, Bruteforce, Information disclosure | Apple | Ahmad Halabi (@Ahmad_Halabi_) | Bug Bounty | 2022-07-07 | 2023-06-13 |
| 1362 | Exploiting Arbitrary Object Instantiations in PHP without Custom Classes | Lack of rate limiting, Privilege escalation, IDOR, Account takeover | NA | Muhammad Talha / evilmango | Bug Bounty | 2022-07-15 | 2023-06-13 |
| 1096 | How I found 3 rare security bug in a day | Session expiration issue, Payment bypass, Lack of rate limiting | NA | zer0d | Bug Bounty | 2022-09-10 | 2023-06-13 |
| 906 | GL.iNET GL-MT300N-V2 Router Vulnerabilities and Hardware Teardown | OS command injection, Arbitrary file read, Information disclosure, Account takeover, Stored XSS, Lack of rate limiting, Weak credentials, Password policy bypass | GL.iNet | Olivier Laflamme (@olivier_boschko) | Bug Bounty | 2022-10-26 | 2023-06-13 |
| 800 | My Account Takeover Writeup: $5000 | Lack of rate limiting, Bruteforce | NA | MRD7 (@_mrd7_) | Bug Bounty | 2022-11-21 | 2023-06-13 |
| 727 | [BAC/IDOR] How my father credit card help me to find this access control issue | IDOR, Lack of rate limiting | NA | Xcoder(Joy ahmed) (@xcoder074) | Bug Bounty | 2022-12-05 | 2023-06-13 |
| 704 | How I became a millionaire in 3h \| Fintech Bug Bounty — Part 1 | IDOR, Lack of rate limiting, Logic flaw | NA | 0x4KD (@0x4kd) | Bug Bounty | 2022-12-12 | 2023-06-13 |
| 381 | My First Un-Expected $$$$ Digit Bounty for an Un-Expected Vulnerability | Lack of rate limiting, Bruteforce | NA | Shobhit Mehta | Bug Bounty | 2023-02-28 | 2023-06-13 |