Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 749 | Hell’s Keychain: Supply-chain vulnerability in IBM Cloud Databases for PostgreSQL allows potential for unauthorized database access | Cloud, SQL injection, Privilege escalation, Information disclosure | IBM | Ronen Shustin (@ronenshh) | Bug Bounty | 2022-12-01 | 2023-06-13 |
| 735 | Account Takeover - Inside The Tenant | Account takeover, Information disclosure | NA | Jerry Shah (@Jerry) | Bug Bounty | 2022-12-03 | 2023-06-13 |
| 728 | OTP Leaking Through Cookie Leads to Account Takeover | Information disclosure, Account takeover | NA | ag3n7 | Bug Bounty | 2022-12-05 | 2023-06-13 |
| 725 | How we breached ZDFheute live on television | Information disclosure | Zweites Deutsches Fernsehen | CyberCitizen | Bug Bounty | 2022-12-06 | 2023-06-13 |
| 722 | How you can find your first bug using google | Information disclosure | NA | shbugger1 | Bug Bounty | 2022-12-07 | 2023-06-13 |
| 721 | A03:2021 — [Injection] SQL Injection through internal directory disclose | SQL injection, Information disclosure | NA | Tushar | Bug Bounty | 2022-12-07 | 2023-06-13 |
| 716 | STRIPE Live Key Exposed:: Bounty: $1000 | Information disclosure | NA | Vipul Sahu | Bug Bounty | 2022-12-09 | 2023-06-13 |
| 703 | PII data exfiltration within minutes | Information disclosure | NA | Mayank Garg | Bug Bounty | 2022-12-12 | 2023-06-13 |
| 701 | CVE-2022-20942: It's not old functionality, it's vintage | Information disclosure | Cisco | Silver Security (@SugarFiendSec) | Bug Bounty | 2022-12-13 | 2023-06-13 |
| 671 | Owning half of a government assets through AWS | Information disclosure, Hardcoded API keys | NA | g30rgy th3 d4rk (@Crypt0g30rgy) | Bug Bounty | 2022-12-20 | 2023-06-13 |
| 651 | How I Pwned 10 Admin Panels and got rewarded 8000$+? | Information disclosure, Credential stuffing | NA | Inderjeet Singh (@3nc0d3dGuY) | Bug Bounty | 2022-12-25 | 2023-06-13 |
| 640 | Feedback Analyzer Exploitation | Information disclosure | NA | hacker_might | Bug Bounty | 2022-12-28 | 2023-06-13 |
| 621 | Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More | Account takeover, SSO, RCE, Authorization bypass, SQL injection, Mass assignment, Information disclosure | Kia, Honda, Infiniti, Nissan, Acura, Mercedes-Benz, Hyundai, Genesis, BMW, Rolls Royce, Ferrari, Spireon, Ford, Reviver, Porsche, Toyota, Jaguar, Land Rover, SiriusXM | Sam Curry (@samwcyo) | Bug Bounty | 2023-01-03 | 2023-06-13 |
| 615 | I scanned every package on PyPi and found 57 live AWS keys | Information disclosure | Amazon, Intel, Stanford, The Australian Government | Tom Forbes | Bug Bounty | 2023-01-06 | 2023-06-13 |
| 589 | Critical Vulnerability through OSINT only | Information disclosure | NA | Viktor Mares | Bug Bounty | 2023-01-15 | 2023-06-13 |
| 576 | From Error_Log File(P4) To Company Account Takeover(P1) and Unauthorized Actions On API | Information disclosure | NA | Muhanad Israiwi (@IsrewyMohand) | Bug Bounty | 2023-01-17 | 2023-06-13 |
| 574 | How I identified and reported vulnerabilities in Oracle and the rewards of responsible disclosure:From Backup Leak to Hall of Fame | Information disclosure | Oracle | ParagBagul | Bug Bounty | 2023-01-18 | 2023-06-13 |
| 555 | How i was able to get critical bug on google by get full access on [Google Cloud BI Hackathon] | Information disclosure | Google | Orwa Atyat (@GodfatherOrwa) | Bug Bounty | 2023-01-22 | 2023-06-13 |
| 537 | Disclosing Facebook page admins by playing a game | Logic flaw, Information disclosure | Meta / Facebook | Sudip Shah | Bug Bounty | 2023-01-28 | 2023-06-13 |
| 536 | PHP Development Server <= 7.4.21 - Remote Source Disclosure | Source code disclosure, Information disclosure, Security code review | PHP | Rahul Maini (@iamnoooob) | Bug Bounty | 2023-01-28 | 2023-06-13 |
| 516 | Broken Function Level Authorization leads to disclosing PII Information of all company users | Broken Function Level Authorization, Information disclosure | NA | Mirza Muhammad Fauzan | Bug Bounty | 2023-01-31 | 2023-06-13 |
| 500 | Play with Google, Twitter, Apple, Dell | XSS, HTML injection, IDOR, Information disclosure | Google, Twitter, Apple, Dell | rezaduty (@rezaduty) | Bug Bounty | 2023-02-03 | 2023-06-13 |
| 471 | Information disclosure or GDPR breach? A Google tale… | Privacy issue, Information disclosure, Missing authentication | Google | Luke Berner | Bug Bounty | 2023-02-10 | 2023-06-13 |
| 434 | Found an URL in the android application source code which lead to an IDOR | Android, Information disclosure, IDOR | NA | Vengeance | Bug Bounty | 2023-02-18 | 2023-06-13 |
| 430 | Exposing 185M+ Indians’ Personal Information and much more | Broken Access Control, IDOR, Information disclosure | Aadhaar, CERT-In | Robin Justin (@_robinjustin_) | Bug Bounty | 2023-02-20 | 2023-06-13 |