| 4617 | Finding hidden gems vol. 2: REAMDE.md, the story of a bit too helpful readme file |
Information disclosure |
NA |
Mateusz Olejarka (@molejarka) |
Bug Bounty | 2018-08-29 | 2023-06-13 |
| 4613 | https://medium.com/@mahitman1/i-own-your-customers-22e965761abd |
Information disclosure
Hardcoded credentials
AWS misconfiguration |
NA |
Muhammad Abdullah |
Bug Bounty | 2018-09-01 | 2023-06-13 |
| 4609 | P1 Vulnerability in 60 seconds |
Information disclosure
File disclosure |
NA |
Wh11teW0lf (@wh11tew0lf) |
Bug Bounty | 2018-09-05 | 2023-06-13 |
| 4575 | Shopify Athena Bug |
Authorization flaw
Information disclosure |
Shopify |
Rojan Rijal (@uraniumhacker) |
Bug Bounty | 2018-09-20 | 2023-06-13 |
| 4570 | Responsible disclosure: retrieving a user%27s private Facebook friends. |
Logic flaw
Authorization flaw
Information disclosure |
Meta / Facebook |
Riccardo Padovani (@rpadovani93) |
Bug Bounty | 2018-09-23 | 2023-06-13 |
| 4559 | How I was able to takeover account%27s of an Earning App |
Information disclosure |
NA |
Abbas Wafa |
Bug Bounty | 2018-10-01 | 2023-06-13 |
| 4553 | Facebook Bug Bounty: Email Id, Phone Number Can be exposed Through Business Manager |
Logic flaw
Information disclosure |
Meta / Facebook |
Rohit kumar (@rohitcoder) |
Bug Bounty | 2018-10-03 | 2023-06-13 |
| 4508 | Journey through Google referer leakage bugs. |
Information disclosure
Referer leakage |
Google |
KL Sreeram (@kl_sree) |
Bug Bounty | 2018-10-28 | 2023-06-13 |
| 4503 | It’s all in the detail: Email leak & Account takeover thanks to WayBackMachine & extensive knowledge about the program |
Information disclosure
Authentication bypass
Account takeover |
NA |
Zseano (@zseano) |
Bug Bounty | 2018-10-30 | 2023-06-13 |
| 4500 | P1 Like a Boss | Information Disclosure via Github leads to Employee Account Takeover | Bug Bounty POC |
Information disclosure |
NA |
Muhammad Khizer Javed (@khizer_javed47) |
Bug Bounty | 2018-11-01 | 2023-06-13 |
| 4499 | Finding hidden gems vol. 3: quick win with .sh file |
Information disclosure |
NA |
Mateusz Olejarka (@molejarka) |
Bug Bounty | 2018-11-01 | 2023-06-13 |
| 4489 | Vine User’s Private information disclosure |
IDOR
Information disclosure |
Vine |
Prial Islam Khan (@prial261) |
Bug Bounty | 2018-11-07 | 2023-06-13 |
| 4488 | How I earned 5040$ from Twitter by showing a way to Harvest other users IP address |
Information disclosure |
Twitter |
Prial Islam Khan (@prial261) |
Bug Bounty | 2018-11-07 | 2023-06-13 |
| 4487 | Object name Exposure — ING Bank Responsible Disclosure Program |
Information disclosure |
ING Bank |
Rohit kumar (@rohitcoder) |
Bug Bounty | 2018-11-08 | 2023-06-13 |
| 4481 | Patched Facebook Vulnerability Could Have Exposed Private Information About You and Your Friends |
CSRF
Information disclosure |
Meta / Facebook |
Ron Masas (@RonMasas) |
Bug Bounty | 2018-11-13 | 2023-06-13 |
| 4461 | XS-Searching Google’s bug tracker to find out vulnerable source code |
XS-Search
Information disclosure |
Google |
Luan Herrera (@lbherrera_) |
Bug Bounty | 2018-11-19 | 2023-06-13 |
| 4459 | How i Found Information Disclosure on Scribd.com |
CSRF |
Scribd.com |
Zerb0a |
Bug Bounty | 2018-11-22 | 2023-06-13 |
| 4453 | From CTFs to Bug Bounty Booty |
Information disclosure |
Tailor Store |
Benji Tobias |
Bug Bounty | 2018-11-26 | 2023-06-13 |
| 4446 | IRCTC — Millions of Passenger Details left at huge risk! |
Information disclosure
Lack of rate limiting |
IRCTC |
Avinash Jain (@logicbomb_1) |
Bug Bounty | 2018-11-28 | 2023-06-13 |
| 4429 | How I was Able To Bypass Email Verification |
Information disclosure |
NA |
Muzammil Kayani (@muzammilabbas2) |
Bug Bounty | 2018-12-08 | 2023-06-13 |
| 4424 | How I was able to generate Access Tokens for any Facebook user. |
IDOR
Information disclosure |
Meta / Facebook |
Youssef Sammouda (@samm0uda) |
Bug Bounty | 2018-12-11 | 2023-06-13 |
| 4408 | Accessing VoIP Internal service via Port 8009: Routing traffic through local Apache proxy |
Information disclosure |
NA |
Ahmed A. Sherif |
Bug Bounty | 2018-12-16 | 2023-06-13 |
| 4401 | Facebook BugBounty - Disclosing page members |
Information disclosure |
Meta / Facebook |
Nirmal Thapa / mpz (@tnirmalz) |
Bug Bounty | 2018-12-20 | 2023-06-13 |
| 4400 | Facebook BugBounty — Disclosing page members |
Information disclosure |
Meta / Facebook |
Nirmal Thapa (@tnirmalz) |
Bug Bounty | 2018-12-20 | 2023-06-13 |
| 4330 | How I hacked a website integrated w/ Facebook having 1.1 mil. users under 45 seconds. |
Information disclosure |
WeeQuizz |
Piyush Raj (@0x48piraj) |
Bug Bounty | 2019-01-30 | 2023-06-13 |
