| 4762 | How i got 100$ from one private website |
Information disclosure |
NA |
Aayush Pokhrel (@aayushpok) |
Bug Bounty | 2018-05-19 | 2023-06-13 |
| 4761 | Fastest Fix on Open Bug Bounty Platform |
XSS
CSRF |
Kevag Telekom GmbH |
Wen Bin KONG (@kongwenbin) |
Bug Bounty | 2018-05-19 | 2023-06-13 |
| 4760 | $36k Google App Engine RCE |
RCE |
Google |
Ezequiel Pereira (@epereiralopez) |
Bug Bounty | 2018-05-20 | 2023-06-13 |
| 4759 | Self-XSS + CSRF to Stored XSS |
Self-XSS
CSRF
Stored XSS |
NA |
Renwa (@RenwaX23) |
Bug Bounty | 2018-05-20 | 2023-06-13 |
| 4758 | Getting read access on Edmodo Production Server by exploiting SSRF |
SSRF |
Edmodo |
Shawar Khan (@ShawarkOFFICIAL) |
Bug Bounty | 2018-05-21 | 2023-06-13 |
| 4757 | AWS Security Flaw which can grant admin access! |
Authorization flaw |
Amazon |
Sharath AV |
Bug Bounty | 2018-05-22 | 2023-06-13 |
| 4756 | RCE by uploading a web.config |
RCE |
NA |
003random (@rub003) |
Bug Bounty | 2018-05-22 | 2023-06-13 |
| 4755 | #BugBounty — "How I was able to hack any user account via password reset?" |
IDOR
Account takeover
Password reset |
NA |
Bikash Gupta (@BgxDoc) |
Bug Bounty | 2018-05-23 | 2023-06-13 |
| 4754 | How I was able to see any private album passwrod in Picturepush — IDOR |
IDOR |
PicturePush |
Murtada Kamil |
Bug Bounty | 2018-05-23 | 2023-06-13 |
| 4753 | Persistent XSS to Steal Passwords – Paypal |
Stored XSS |
Paypal |
Akhil Reni (@akhilreni_hs) |
Bug Bounty | 2018-05-26 | 2023-06-13 |
| 4752 | reCAPTCHA bypass via HTTP Parameter Pollution |
Captcha bypass
HTTP parameter pollution |
Google |
Andres Riancho (@AndresRiancho) |
Bug Bounty | 2018-05-28 | 2023-06-13 |
| 4751 | How i was able to get admin panel on a private program |
Weak credentials |
NA |
Shahzad Sadiq (@ShahzadSadiq25) |
Bug Bounty | 2018-05-29 | 2023-06-13 |
| 4750 | How I got hall of fame in two fortune 500 companies — An RCE story… |
RCE |
NA |
Alfie (@emenalf) |
Bug Bounty | 2018-05-29 | 2023-06-13 |
| 4749 | How I found 5 store XSS on a private program. Each worth "1,016.66$" |
Stored XSS |
NA |
Shahzad Sadiq (@ShahzadSadiq25) |
Bug Bounty | 2018-05-30 | 2023-06-13 |
| 4748 | Account Takeover and Blind XSS! Go Pro, get Bugs! |
IDOR
Stored XSS
Account takeover
Blind XSS |
NA |
Tabahi (@_tabahi) |
Bug Bounty | 2018-05-30 | 2023-06-13 |
| 4747 | 5k$ for path traversal on *.paypal-corp.com subdomain |
Path traversal |
Paypal |
lalka (@0x01alka) |
Bug Bounty | 2018-05-30 | 2023-06-13 |
| 4746 | Reflected XSS in Yahoo Subdomain ( hk.movies.yahoo.com ) |
Reflected XSS |
Yahoo! / Verizon Media |
Mohamed Haron (@m7mdharon) |
Bug Bounty | 2018-05-30 | 2023-06-13 |
| 4745 | #Bug Bounty — How I booked a rental house for just 1.00 INR — Price Manipulation in Citrus Pay |
Parameter tampering |
NA |
Raghavendra Reddy |
Bug Bounty | 2018-05-31 | 2023-06-13 |
| 4744 | How I Earned $750 Bounty Reward From AT&T bug Bounty -Adesh Kolte |
RCE
Clickjacking
XSS
Same Origin Method Execution |
AT&T |
Adesh Nandkishor kolte (@AdeshKolte) |
Bug Bounty | 2018-06-01 | 2023-06-13 |
| 4743 | How i converted SSRF to XSS in Jira. |
SSRF
XSS |
NA |
Ashish Kunwar (@D0rkerDevil) |
Bug Bounty | 2018-06-01 | 2023-06-13 |
| 4742 | Getting PHP Code Execution and leverage access to panels,databases,server |
Code injection |
NA |
Shawar Khan (@ShawarkOFFICIAL) |
Bug Bounty | 2018-06-01 | 2023-06-13 |
| 4741 | How I Hacked Fotor & Got “Nothing” |
SSRF
RFI |
Fotor |
Somdev Sangwan (s0md3v) |
Bug Bounty | 2018-06-01 | 2023-06-13 |
| 4740 | Reading Your Emails With A Read&Write Chrome Extension Same Origin Policy Bypass (~8 Million Users Affected) |
SOP bypass
Browser extension hacking |
NA |
Matthew Bryant (@IAmMandatory) |
Bug Bounty | 2018-06-05 | 2023-06-13 |
| 4739 | Are you sure this is a trusted email? |
Open mail relay |
NA |
Khaled Hassan |
Bug Bounty | 2018-06-05 | 2023-06-13 |
| 4738 | Searching for XSS found LDAP injection |
LDAP injection |
NA |
Davide Tampellini (@tampe125) |
Bug Bounty | 2018-06-05 | 2023-06-13 |
