Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 4737 | Zero to Account Takeover: How I ‘Impersonated’ Someone Else Using Auth0 | Logic flaw | Auth0 | Daniel Svartman | Bug Bounty | 2018-06-05 | 2023-06-13 |
| 4736 | #BugBounty —" Database hacked of India’s Popular Sports company"-Bypassing Host Header to SQL injection to dumping Database — An unusual case of SQL injection. | SQL injection | NA | Avinash Jain (@logicbomb_1) | Bug Bounty | 2018-06-06 | 2023-06-13 |
| 4735 | How I found XSS via SSRF vulnerability -Adesh Kolte | SSRF, XSS | CERT-EU, Motorola, Stanford | Adesh Nandkishor kolte (@AdeshKolte) | Bug Bounty | 2018-06-07 | 2023-06-13 |
| 4734 | How I was able to list some internal information from PayPal #BugBounty | Expression Language Injection (JSTL), Information disclosure | Paypal | Adrien Jeanneau (@adrien_jeanneau) | Bug Bounty | 2018-06-07 | 2023-06-13 |
| 4733 | Steam, Fire, and Paste – A Story of UXSS via DOM-XSS & Clickjacking in Steam Inventory Helper | DOM XSS, Universal XSS, Clickjacking, Browser extension hacking | NA | Matthew Bryant (@IAmMandatory) | Bug Bounty | 2018-06-08 | 2023-06-13 |
| 4732 | [PayPal BBP] I could’ve deleted All SMC messages. Using Brute-Force technique. | CSRF | Paypal | Ayoub Ait Elmokhtar (@aessadek) | Bug Bounty | 2018-06-10 | 2023-06-13 |
| 4731 | How I Found CVE-2018-8819: Out-of-Band (OOB) XXE in WebCTRL | XXE | NA | Darrell Damstedt | Bug Bounty | 2018-06-11 | 2023-06-13 |
| 4730 | Server-Side Spreadsheet Injection – Formula Injection to Remote Code Execution | CSV injection, Server side spreadsheet injection, Formula injection, RCE | Google | Jake Miller | Bug Bounty | 2018-06-11 | 2023-06-13 |
| 4729 | Full account Takeover via reset password function | IDOR, Account takeover, Password reset | NA | Khaled Hassan | Bug Bounty | 2018-06-12 | 2023-06-13 |
| 4728 | Unvalidated Open Redirect Bol.com | Open redirect | Bol.com | Jonathan Bouman (@JonathanBouman) | Bug Bounty | 2018-06-12 | 2023-06-13 |
| 4727 | Vulnerability Netflix (cross-site-scripting) XSS | Reflected XSS | Netflix | Bada Diaz (@bada77) | Bug Bounty | 2018-06-13 | 2023-06-13 |
| 4726 | How I got paid premium plan for free on many popular websites | Logic flaw | NA | Khaled Hassan | Bug Bounty | 2018-06-13 | 2023-06-13 |
| 4725 | The 2.5 BTC Stored XSS | Stored XSS | NA | Khaled Hassan | Bug Bounty | 2018-06-13 | 2023-06-13 |
| 4724 | Reflected XSS in 360totalsecurity | Reflected XSS | 360totalsecurity | Taha Smily (@tahakhantaha) | Bug Bounty | 2018-06-14 | 2023-06-13 |
| 4723 | Reflected Client XSS at Amazon.com | Reflected XSS | Amazon | Jonathan Bouman (@JonathanBouman) | Bug Bounty | 2018-06-15 | 2023-06-13 |
| 4722 | How i found blind XSS in Apple | Blind XSS | Apple | Taha Smily (@tahakhantaha) | Bug Bounty | 2018-06-18 | 2023-06-13 |
| 4721 | [Responsible disclosure] How I could have booked movie tickets through other user accounts | Password reset, Account takeover, Bruteforce, OTP bypass | AGS Cinemas | Bharathvaj Ganesan | Bug Bounty | 2018-06-18 | 2023-06-13 |
| 4720 | Manage Engine OpManager Multiple Authenticated RCE Vulnerabilities | RCE, Path traversal, Unrestricted file upload, Information disclosure, Arbitrary file write | Zoho (ManageEngine) | Denis Andzakovic | Bug Bounty | 2018-06-18 | 2023-06-13 |
| 4719 | I discovered a browser bug | Browser hacking | Mozilla, Microsoft | Jake Archibald (@jaffathecake) | Bug Bounty | 2018-06-20 | 2023-06-13 |
| 4718 | Setting arbitrary request headers in Chromium via CRLF injection | CRLF injection | Google | Michał Bentkowski (@SecurityMB) | Bug Bounty | 2018-06-20 | 2023-06-13 |
| 4717 | Using a GitHub app to escalate to an organization owner for a $10,000 bounty | Authorization flaw, IDOR | GitHub | Tanner Emek (@itscachemoney) | Bug Bounty | 2018-06-20 | 2023-06-13 |
| 4716 | XSS in Google Colaboratory + CSP bypass | XSS, CSP bypass | Google | Michał Bentkowski (@SecurityMB) | Bug Bounty | 2018-06-21 | 2023-06-13 |
| 4715 | How I hacked Apple.com (Unrestricted File Upload) | Unrestricted file upload | Apple | Jonathan Bouman (@JonathanBouman) | Bug Bounty | 2018-06-22 | 2023-06-13 |
| 4714 | Fastest Fix on Open Bug Bounty Platform | Reflected XSS, CSRF | Kevag Telekom GmbH | Wen Bin KONG (@kongwenbin) | Bug Bounty | 2018-06-24 | 2023-06-13 |
| 4713 | How I got access to local AWS info via Jira | SSRF | NA | Coen Goedegebure (@CoenHimself) | Bug Bounty | 2018-06-24 | 2023-06-13 |