Write-ups

Check The Published Writeups

WDBTitleTagsProgramsAuthorsTypePublicationAdded
4099Password Bypass and Something Else… Authentication bypass NA Vibhurushi Chotaliya (@_Vibhurushi_) Bug Bounty2019-06-162023-06-13
4098Bypassing XSS filter and Stealing User Payment Data XSS NA Osama Avvan (@osamaavvan) Bug Bounty2019-06-172023-06-13
4097SQl Injection SQL injection NA Saad Ahmed (@XSaadAhmedX) Bug Bounty2019-06-172023-06-13
4096Parameter Pollution issue in API resulting $XXX HTTP parameter pollution NA Smaran Chand (@smaranchand) Bug Bounty2019-06-172023-06-13
4095Using Burp Suite match and replace settings to escalate your user privileges and find hidden features Client-side enforcement of server-side security New Relic Jon Bottarini (@jon_bottarini) Bug Bounty2019-06-172023-06-13
4092XSS Filter Evasion XSS NA m0z (@LooseSecurity) Bug Bounty2019-06-172023-06-13
4091Account Takeover with Clickjacking Clickjacking NA Osama Avvan (@osamaavvan) Bug Bounty2019-06-192023-06-13
4090Facebook Vulnerability: Unremovable Co-Host in facebook group events Logic flaw Meta / Facebook Ritish Kumar Singh Bug Bounty2019-06-192023-06-13
4089How a classical XSS can lead to persistent ATO Vulnerability? XSS Account takeover NA Milind Purswani (@MilindPurswani) Bug Bounty2019-06-192023-06-13
4087Self XSS To Evil XSS XSS NA Saad Ahmed (@XSaadAhmedX) Bug Bounty2019-06-202023-06-13
4086IDOR: Payment Fraud IDOR Payment tampering NA Vibhurushi Chotaliya (@_Vibhurushi_) Bug Bounty2019-06-202023-06-13
4084$1800 worth Clickjacking Clickjacking NA Osama Avvan (@osamaavvan) Bug Bounty2019-06-212023-06-13
4083Catching support emails from my internet service provider Logic flaw T-Mobile Sander Lentink Bug Bounty2019-06-212023-06-13
4082How I Hacked the Microsoft Outlook Android App and Found CVE-2019-1105 XSS Microsoft Bryan Appleby (@bryapp)< Bug Bounty2019-06-212023-06-13
4080Password Reset Vulnerability — Full Account takeover (Insecure Direct Object Reference) Password reset IDOR Account takeover NA Muhammad Asim Shahzad (@protector47) Bug Bounty2019-06-222023-06-13
4079CSV injection at Comment Section. CSV injection NA Navneet (@na5n33t) Bug Bounty2019-06-242023-06-13
4077F5 Networks Endpoint Inspector – Browser-to-RCE? RCE F5 Dave U. Ramdon Bug Bounty2019-06-262023-06-13
4074CORS To CSRF Attack CORS misconfiguration CSRF NA Osama Avvan (@osamaavvan) Bug Bounty2019-06-272023-06-13
40731-Click Account Takeover in Virgool.io — a Nice Case Study Account takeover Open redirect NA Yashar Shahinzadeh (@YShahinzadeh) Bug Bounty2019-06-272023-06-13
4068One more Parameter manipulation bug (🤑) Parameter tampering NA Kanchan Singh Yadav (@KanchanSingh0) Bug Bounty2019-06-282023-06-13
4066Accidental IDOR IDOR NA Saad Ahmed (@XSaadAhmedX) Bug Bounty2019-07-012023-06-13
4065How I escalated RFI into LFI RFI LFI NA Hassan Khan Yusufzai (@Splint3r7) Bug Bounty2019-07-012023-06-13
4062Yeah! I got P2 in 1 minute - Stored XSS via Markdown Editor Stored XSS NA Schopath Bug Bounty2019-07-022023-06-13
4061Finding hidden gems vol. 4: Rakefile a.k.a. how to get AWS keys again Information disclosure NA Mateusz Olejarka (@molejarka) Bug Bounty2019-07-032023-06-13
4060Story of a stored xss to full account takeover vulnerability(N/A to accepted) Stored XSS NA Jatin Aesthetic (@techyfreakk) Bug Bounty2019-07-042023-06-13