Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 81 | DLL Hijacking Strikes Back: Exploiting Windows on ARM RDP Client (CVE-2023-24905) | DLL Hijacking, Local Privilege Escalation | Microsoft (Windows) | Dor Dali | Bug Bounty | 2023-05-17 | 2023-06-13 |
| 80 | Arbitrary email forgery in Webflow | Email spoofing, Phishing | Webflow | Antoine Carrincazeaux | Bug Bounty | 2023-05-17 | 2023-06-13 |
| 79 | KeePass Master Password Exploit - CVE-2023-32784 - Proof Of Concept (POC) | Plaintext Storage of a Password, Thick client | KeePass | Luke Kavanagh | Bug Bounty | 2023-05-17 | 2023-06-13 |
| 78 | A $1,000,000 bounty? The KuCoin User Information Leak | Information disclosure, Zendesk, Authorization flaw, Security misconfiguration | NA | Corben Leo (@hacker_) | Bug Bounty | 2023-05-18 | 2023-06-13 |
| 77 | How Misconfigured and Vulnerable Devices Could Expose Your Company to Physical and Cyber Threats | IoT, Default credentials, Internal pentest | NA | Arben Shala (@arbennsh) | Bug Bounty | 2023-05-18 | 2023-06-13 |
| 76 | Stored Iframe Injection & Permanent Open Redirection - Zero Day | HTML injection, Open redirect | Discourse | Jerry Shah (@Jerry) | Bug Bounty | 2023-05-18 | 2023-06-13 |
| 75 | Blind OS Command Injection via Activation Request | OS command injection | NA | Arumusutakimu (@arumusutakimu) | Bug Bounty | 2023-05-18 | 2023-06-13 |
| 74 | Blind OS Command Injection via Activation Request | Memory corruption, Buffer Overflow, Out-of-bounds Read | VMware | Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) | Bug Bounty | 2023-05-18 | 2023-06-13 |
| 73 | Official extension spoofing attacks: when trusted add-ons are not so trusted | Extension spoofing, Account takeover, XSS | NA | Yesenia Trejo (@Yess_2021xD) | Bug Bounty | 2023-05-19 | 2023-06-13 |
| 72 | DNS Recursion Leads to DoS Attack Vivo Play (IPTV) — CVE-2023–31893 | DoS | Vivo | Shooter | Bug Bounty | 2023-05-20 | 2023-06-13 |
| 71 | Exposing iCloud user’s Name, phone numbers, and email addresses. | Information disclosure | Apple (iCloud) | Renganathan (@IamRenganathan) | Bug Bounty | 2023-05-20 | 2023-06-13 |
| 70 | Why You Should Always Check The Audit Log [Medium] — $500 | Information disclosure | NA | Emanuel Beni Harijanto | Bug Bounty | 2023-05-20 | 2023-06-13 |
| 69 | Exploiting SQL Error SQLSTATE[42000] To Own MariaDB of A Large Online Media Leader | SQL injection | NA | nav1n (@nav1n0x) | Bug Bounty | 2023-05-20 | 2023-06-13 |
| 68 | AEM Bug in Adobe AEM | Missing authentication, Security misconfiguration | Adobe | Muhammad Mater (@micro0x00) | Bug Bounty | 2023-05-20 | 2023-06-13 |
| 67 | 2FA Bypass Using Custom Cookie Parameter | MFA bypass, Android | NA | Sharat Kaikolamthuruthil (@sharp488) | Bug Bounty | 2023-05-22 | 2023-06-13 |
| 66 | I helped a top Indian health benefits management platform from major PII leak by hacking their SQL Servers, AWS instance, DCs etc. | SQL injection | NA | nav1n (@nav1n0x) | Bug Bounty | 2023-05-22 | 2023-06-13 |
| 65 | Azure DNS Takeover @ Swisscom | DNS takeover | Swisscom | Hussein Ayoub | Bug Bounty | 2023-05-22 | 2023-06-13 |
| 64 | Red team: Journey from RCE to have total control of cloud infrastructure | RCE, SSTI, Container escape, Kubernetes, Components with known vulnerabilities, CI/CD | NA | Quang Vo (@mr_r3bot) | Bug Bounty | 2023-05-22 | 2023-06-13 |
| 63 | CVE 2023 25690 - Proof of Concept | HTTP Request Smuggling, HTTP request splitting, CRLF injection | Apache HTTP Server | dhmosfunk (@DSkfunk) | Bug Bounty | 2023-05-22 | 2023-06-13 |
| 62 | Tampering with Conditional Access Policies Using Azure AD Graph API | Cloud, Privilege escalation | Microsoft (Azure) | Secureworks Counter Threat Unit (@Secureworks) | Bug Bounty | 2023-05-23 | 2023-06-13 |
| 61 | From Response To Request, Adding Your Own Variables Inside Of GraphQL Queries For Account Take Over | GraphQL, IDOR, Mass assignment | NA | Tom Neaves | Bug Bounty | 2023-05-23 | 2023-06-13 |
| 60 | Salt Labs exposes a new vulnerability in popular OAuth framework, used in hundreds of online services | OAuth, Account takeover | Expo, Codeacademy.com | Aviad Carmel (@AviadCarmel) | Bug Bounty | 2023-05-24 | 2023-06-13 |
| 59 | GCP CloudSQL Vulnerability Leads to Internal Container Access and Data Exposure | Cloud, Privilege escalation | Google (GCP) | Ofir Balassiano (@ofir_balassiano) | Bug Bounty | 2023-05-24 | 2023-06-13 |
| 58 | Unintended Path to Exam Domination - AWS EC2 Meta-Data | Cloud, Privilege escalation | NA | Dr. Michael Gschwender (@rootcathacking) | Bug Bounty | 2023-05-24 | 2023-06-13 |
| 57 | how I found a tricky XSS | XSS | NA | Ziad Ali | Bug Bounty | 2023-05-24 | 2023-06-13 |