Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4525Add comment on a private Oculus Developer bug report IDOR Authorization flaw Meta / Facebook Sarmad Hassan (@JubaBaghdad) Bug Bounty2018-10-182023-06-13
4511How Misconfigured API leaked user private information? IDOR Authorization flaw NA Yeasir Arafat Bug Bounty2018-10-262023-06-13
4475Facebook Vulnerability: Hiding from the view of Business Admin in the Business Manager Logic flaw Authorization flaw Meta / Facebook Ritish Kumar Singh Bug Bounty2018-11-152023-06-13
4473Creating unauthorized comments on Facebook Live Stream! Privilege escalation Authorization flaw Meta / Facebook Binit Ghimire (@WHOISbinit) Bug Bounty2018-11-162023-06-13
4431Facebook WhiteHat: Able to access group plan even after leaving the group Authorization flaw Logic flaw Meta / Facebook Family guy Bug Bounty2018-12-062023-06-13
4423How I could have stolen your photos from Google Parameter tampering Authorization flaw IDOR Google Gergő Turcsányi (@GergoTurcsanyi) Bug Bounty2018-12-112023-06-13
4403Exploiting Two Endpoints to get Account Takeover Authorization flaw Privilege escalation NA Hritik Sharma Bug Bounty2018-12-192023-06-13
4397Client side validation strikes again: PIN code bypass ! Client-side enforcement of server-side security Authentication bypass Authorization flaw Netflix Linxo Davy (@RandoriSec) Bug Bounty2018-12-222023-06-13
4394Unauthenticated user can upload an attachment at HackerOne Authorization flaw HackerOne Ahamed Morad (@Modam3r5) Bug Bounty2018-12-242023-06-13
4388Abusing ACL Permissions to Overwrite other User’s Uploaded Files/Videos on s3 Bucket Unrestricted file upload Authorization flaw NA Armaan Pathan (@armaancrockroax) Bug Bounty2018-12-302023-06-13
4386Bypassing Access Control in a Program on Hackerone !! Authorization flaw HackerOne Sahil Tikoo (@viperbluff) Bug Bounty2018-12-302023-06-13
4384A Curious Case From Little To Complete Email Verification Bypass Email verification bypass Authorization flaw NA Megaman (@N0_M3ga_Hacks) Bug Bounty2019-01-012023-06-13
4376Facebook Android Application Authorization flaw Meta / Facebook Ashley King (@AshleyKingUK) Bug Bounty2019-01-052023-06-13
4369Facebook PageAnalyst Could Add oneself as Moderator on Group Authorization flaw Meta / Facebook onehackzero Bug Bounty2019-01-112023-06-13
4340Facebook Change Product Availability as a PageAnalyst Logic flaw Authorization flaw Meta / Facebook onehackzero Bug Bounty2019-01-252023-06-13
4336A short tale of Account verification bypass Email verification bypass Authorization flaw NA Satyendra Kumar Bug Bounty2019-01-272023-06-13
4334Unsecured access to personal data of a million Leo Express users Authorization flaw XSS Leo Express Thomas Orlita (@ThomasOrlita) Bug Bounty2019-01-292023-06-13
4332Guest blog: Eray Mitrani - Hacking isn’t an exact science Authorization flaw NA Eray Mitrani (@ErayMitrani) Bug Bounty2019-01-292023-06-13
4328How I found a simple bug in Facebook without any Test Authorization flaw Meta / Facebook Sarmad Hassan (@JubaBaghdad) Bug Bounty2019-01-312023-06-13
4284Exploiting Google Calendars Authorization flaw Information disclosure Uber Shopify Netflix Rojan Rijal (@uraniumhacker) Bug Bounty2019-02-222023-06-13
4282Download any organisation Data — S3 amazonaws Misconfiguration Authorization flaw NA Chand Singh (@Chand_42) Bug Bounty2019-02-222023-06-13
4267Fixed : Register any email address on Facebook Account Authorization flaw Meta / Facebook Sameer Rao Bug Bounty2019-03-052023-06-13
4260Inserting malware into anyone’s Google Earth Projects Archive IDOR XSS Authorization flaw Google Thomas Orlita (@ThomasOrlita) Bug Bounty2019-03-102023-06-13
4240Slack announcement-only channel post restriction bypass Authorization flaw Logic flaw Slack Rodney Beede Bug Bounty2019-03-202023-06-13
4202The Outlook Winner is Dash Authorization flaw Microsoft marcan2020 (@marcan2020) Bug Bounty2019-04-152023-06-13