Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 4748 | Account Takeover and Blind XSS! Go Pro, get Bugs! | IDOR, Stored XSS, Account takeover, Blind XSS | NA | Tabahi (@_tabahi) | Bug Bounty | 2018-05-30 | 2023-06-13 |
| 4729 | Full account Takeover via reset password function | IDOR, Account takeover, Password reset | NA | Khaled Hassan | Bug Bounty | 2018-06-12 | 2023-06-13 |
| 4717 | Using a GitHub app to escalate to an organization owner for a $10,000 bounty | Authorization flaw, IDOR | GitHub | Tanner Emek (@itscachemoney) | Bug Bounty | 2018-06-20 | 2023-06-13 |
| 4705 | Chaining Multiple Vulnerabilities to Gain Admin Access | IDOR, Account takeover | NA | Ben Sadeghipour (@nahamsec) | Bug Bounty | 2018-07-02 | 2023-06-13 |
| 4697 | Gsuite Hangouts Chat 5k IDOR | IDOR | Google | Cam (@SecretlyHidden1) | Bug Bounty | 2018-07-10 | 2023-06-13 |
| 4686 | How I was able to delete 13k+ Microsoft Translator projects | CSRF, IDOR | Microsoft | Haider Mahmood (@haiderinfosec) | Bug Bounty | 2018-07-19 | 2023-06-13 |
| 4679 | IDOR FACEBOOK: malicious person add people to the "Top Fans" | IDOR | Meta / Facebook | Jafar Abo Nada (@Jafar_Abo_Nada) | Bug Bounty | 2018-07-21 | 2023-06-13 |
| 4662 | #BugBounty — @Paytm Customer Information is at risk — India’s largest digital wallet company | IDOR | Paytm | Avinash Jain (@logicbomb_1) | Bug Bounty | 2018-08-03 | 2023-06-13 |
| 4650 | How I hacked a Crypto Exchange (Bug Bounty Writeup) | IDOR | NA | Muhammad Abdullah | Bug Bounty | 2018-08-07 | 2023-06-13 |
| 4637 | IDOR leads to getting Access tokens of users linked to Google Drive on Edmodo | IDOR | Edmodo | Aagam shah (@neutrinoguy) | Bug Bounty | 2018-08-12 | 2023-06-13 |
| 4634 | IDOR leads to account takeover | IDOR | NA | s0cket7 (@s0cket7) | Bug Bounty | 2018-08-16 | 2023-06-13 |
| 4632 | YAHOO IDOR -elimination of any comment | IDOR | Yahoo! / Verizon Media | Bada Diaz (@bada77) | Bug Bounty | 2018-08-17 | 2023-06-13 |
| 4626 | Privileged Escalation in Facebook Messenger Rooms | Privilege escalation, IDOR | Meta / Facebook | Jafar Abo Nada (@Jafar_Abo_Nada) | Bug Bounty | 2018-08-24 | 2023-06-13 |
| 4622 | IDOR FACEBOOK: malicious person add people to the “Top Fans” | IDOR | Meta / Facebook | Jafar Abo Nada (@Jafar_Abo_Nada) | Bug Bounty | 2018-08-28 | 2023-06-13 |
| 4607 | #BugBounty — How Naaptol (India’s popular home shopping company) Kept their Millions of User Data at Risk! | IDOR | Naaptol | Avinash Jain (@logicbomb_1) | Bug Bounty | 2018-09-07 | 2023-06-13 |
| 4606 | Simple Login Brute Force / Current Password Requirement Bypass | IDOR, Account takeover, Bruteforce | NA | Mandeep Jadon (@1337tr0lls) | Bug Bounty | 2018-09-07 | 2023-06-13 |
| 4584 | IDOR User Account Takeover By Connecting My Facebook Account with victims Account | IDOR | Meta / Facebook | Muhammad Khizer Javed (@khizer_javed47) | Bug Bounty | 2018-09-16 | 2023-06-13 |
| 4573 | Bypassing Firebase authorization to create custom goo.gl subdomains | Logic flaw, IDOR | Google | Thomas Orlita (@ThomasOrlita) | Bug Bounty | 2018-09-21 | 2023-06-13 |
| 4562 | Just another tale of severe bugs on a private program. | Open redirect, SSRF, IDOR, Logic flaw | NA | Siva Krishna Samireddi (@le4rner) | Bug Bounty | 2018-09-28 | 2023-06-13 |
| 4561 | IDOR, Content Spoofing and Url Redirection via unsubscribe email in Confluent | IDOR, Content spoofing, Open redirect | Confluent | Divyanshu Shukla (@justm0rph3u5) | Bug Bounty | 2018-09-28 | 2023-06-13 |
| 4541 | Make any Unit in Facebook Groups Undeletable | Logic flaw, IDOR, Authorization flaw | Meta / Facebook | Sarmad Hassan (@JubaBaghdad) | Bug Bounty | 2018-10-09 | 2023-06-13 |
| 4539 | Get as image function pulls any Insights/NRQL data from any New Relic account (IDOR) | IDOR | New Relic | Jon Bottarini (@jon_bottarini) | Bug Bounty | 2018-10-09 | 2023-06-13 |
| 4533 | Add description to Instagram Posts on behalf of other users - 6500$ | IDOR | Meta / Facebook | Sarmad Hassan (@JubaBaghdad) | Bug Bounty | 2018-10-12 | 2023-06-13 |
| 4525 | Add comment on a private Oculus Developer bug report | IDOR, Authorization flaw | Meta / Facebook | Sarmad Hassan (@JubaBaghdad) | Bug Bounty | 2018-10-18 | 2023-06-13 |
| 4511 | How Misconfigured API leaked user private information? | IDOR, Authorization flaw | NA | Yeasir Arafat | Bug Bounty | 2018-10-26 | 2023-06-13 |