| 4788 | Three Cases, Three Open Redirect Bypasses |
Open redirect |
NA |
Mmohammed Eldeeb (@malcolmx0x) |
Bug Bounty | 2018-04-22 | 2023-06-13 |
| 4787 | DOM XSS in Google VRView library |
DOM XSS |
Google |
Federico Fazzi (@federicofazzi) |
Bug Bounty | 2018-04-23 | 2023-06-13 |
| 4786 | How we got LFI in apache Drill (Recon like a boss) |
LFI |
NA |
gujjuboy10x00 (@vis_hacker) |
Bug Bounty | 2018-04-23 | 2023-06-13 |
| 4785 | XSS “403 forbidden” bypass write up |
XSS |
NA |
Nur A Alam Dipu (@Dipu1A) |
Bug Bounty | 2018-04-25 | 2023-06-13 |
| 4784 | The Unknown Hero-App Logic Bugs |
Logic flaw |
Canva |
Circle Ninja (@circleninja) |
Bug Bounty | 2018-04-25 | 2023-06-13 |
| 4783 | How I earned 60K+ from private program |
Open redirect
Subdomain takeover
XSS
HTTP parameter pollution |
NA |
Siva Krishna Samireddi (@le4rner) |
Bug Bounty | 2018-04-25 | 2023-06-13 |
| 4782 | Bypassing the Confirmation Email for Newsletter (bof.nl) |
Authorization flaw
IDOR |
Bits of Freedom |
Mohammed Israil (@mdisrail2468) |
Bug Bounty | 2018-04-26 | 2023-06-13 |
| 4781 | Reflected XSS on Stack Overflow |
Reflected XSS |
Stack Overflow |
ssid (@newp_th) |
Bug Bounty | 2018-04-27 | 2023-06-13 |
| 4780 | #BugBounty — How I was able to bypass firewall to get RCE and then went from server shell to get root user account! |
RCE |
NA |
Avinash Jain (@logicbomb_1) |
Bug Bounty | 2018-04-29 | 2023-06-13 |
| 4779 | How I found 2.9 RCE at Yahoo! Bug Bounty program |
RCE |
Yahoo! / Verizon Media |
Kedrisec (@kedrisec) |
Bug Bounty | 2018-04-30 | 2023-06-13 |
| 4777 | Story Of a Stored XSS Bypass |
Open redirect |
Zerocopter |
Prial Islam Khan (@prial261) |
Bug Bounty | 2018-04-30 | 2023-06-13 |
| 4776 | Stealing money from one account to another account |
Logic flaw |
NA |
Ajay Gautam (@evilboyajay) |
Bug Bounty | 2018-05-02 | 2023-06-13 |
| 4775 | Disclose Private Video Thumbnail from Facebook WorkPlace |
IDOR |
Meta / Facebook |
Sarmad Hassan (@JubaBaghdad) |
Bug Bounty | 2018-05-03 | 2023-06-13 |
| 4774 | $4500 bounty - How I got lucky |
Subdomain takeover |
NA |
Eray Mitrani (@ErayMitrani) |
Bug Bounty | 2018-05-03 | 2023-06-13 |
| 4773 | How I Got Paid $0 From the India’s largest online gifting portal — Bug Bounty Program |
Payment tampering
Parameter tampering |
NA |
Hariom Vashisth |
Bug Bounty | 2018-05-05 | 2023-06-13 |
| 4772 | A Five Minute SQL-I |
SQL injection |
NA |
Ashish Jha |
Bug Bounty | 2018-05-06 | 2023-06-13 |
| 4771 | Asus Control Center – An Information Disclosure and a database connection Clear-Text password leakage Vulnerability |
Authorization flaw
Information disclosure |
Asus |
Mohamed A. Baset |
Bug Bounty | 2018-05-08 | 2023-06-13 |
| 4770 | Internet Safety for Kids & Families — Trend Micro Bypass DOM XSS |
DOM XSS |
Trend Micro |
Honc (@honcbb) |
Bug Bounty | 2018-05-08 | 2023-06-13 |
| 4769 | How I used a simple Google query to mine passwords from dozens of public Trello boards |
Authorization flaw
Information disclosure |
Trello |
Kushagra Pathak (@xKushagra) |
Bug Bounty | 2018-05-09 | 2023-06-13 |
| 4768 | HSTS Bypass Vulnerability in IE Preview |
HSTS bypass |
Microsoft |
Xiaoyin Liu (@general_nfs) |
Bug Bounty | 2018-05-15 | 2023-06-13 |
| 4767 | Whatsapp- DOS vulnerability on Android/iOS/Web |
DoS |
Meta / Facebook |
Pratheesh P Narayanan (@PRATHEESH_PPN) |
Bug Bounty | 2018-05-15 | 2023-06-13 |
| 4766 | How I was able to get subscription of $120/year For Free |
Payment bypass |
WeTransfer |
Muhammad Khizer Javed (@khizer_javed47) |
Bug Bounty | 2018-05-18 | 2023-06-13 |
| 4765 | Xss in Microsoft |
XSS |
Microsoft |
hacker_eth |
Bug Bounty | 2018-05-18 | 2023-06-13 |
| 4764 | Stored XSS in Yahoo and all subdomains! |
Stored XSS |
Microsoft |
Hakim Bencella (@H4kst3r) |
Bug Bounty | 2018-05-19 | 2023-06-13 |
| 4763 | How i HACKED admin account via password reset IDOR function of one private currency exchanger site |
IDOR
Account takeover
Password reset |
NA |
Aayush Pokhrel (@aayushpok) |
Bug Bounty | 2018-05-19 | 2023-06-13 |
