Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 2569 | Unauthorized access to Django Admin Dashboard by endpoint leaked on GitHub | Missing authentication, Forced browsing | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2021-05-10 | 2023-06-13 |
| 2568 | Exploiting Activity in medium android app | Insecure intent, Android | Medium | Raju kumar (@MrCyberwarrior) | Bug Bounty | 2021-05-10 | 2023-06-13 |
| 2534 | CSRF from which we can create a support ticket in Victim’s Account (500$) | CSRF | Meta / Facebook | Rohit kumar (@rohitcoder) | Bug Bounty | 2021-05-21 | 2023-06-13 |
| 2533 | Victim’s Anti CSRF Token could be exposed to Third-party Applications installed on user’s Device (500$) | Information disclosure | Meta / Facebook | Rohit kumar (@rohitcoder) | Bug Bounty | 2021-05-21 | 2023-06-13 |
| 2515 | Escalating SSRF to Accessing all user PII information by aws metadata | SSRF | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2021-05-31 | 2023-06-13 |
| 2511 | Escalating SSRF to Accessing all user PII information by aws metadata | SSRF | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2021-06-01 | 2023-06-13 |
| 2498 | How Github recon help me to find NINE FULL SSRF Vulnerability with AWS metadata access | SSRF | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2021-06-06 | 2023-06-13 |
| 2477 | How We Are Able To Hack Any Company By Sending Message – $20,000 Bounty [CVE-2021–34506] | Universal XSS | Microsoft | Shivam Kumar Singh (@MrRajputHacker) | Bug Bounty | 2021-06-15 | 2023-06-13 |
| 2443 | Misconfigured $3 Bucket - A Semi Opened Environment | AWS misconfiguration | Redbull | Yukesh Kumar (@3th1c_yuk1) | Bug Bounty | 2021-06-27 | 2023-06-13 |
| 2397 | How I was able Find mass leaked AWS s3 bucket from js File | AWS misconfiguration | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2021-07-20 | 2023-06-13 |
| 2325 | Finding multiple SSRF with aws metadata access on A BANK system | SSRF | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2021-08-14 | 2023-06-13 |
| 2316 | Confirming any new Email Address bug in Facebook (Part-4) | Rate limiting bypass | Meta / Facebook | Lokesh Kumar (@lokeshdlk77) | Bug Bounty | 2021-08-17 | 2023-06-13 |
| 2177 | Privilege Escalation to stored XSS | Privilege escalation, HTTP response manipulation, Stored XSS | NA | Rohit Kumar (Rohit_443) | Bug Bounty | 2021-10-01 | 2023-06-13 |
| 2101 | Unauthenticated Access To Cloud Portal — A 🚪 Without 🗝️ | Authentication bypass | NA | Yukesh Kumar (@3th1c_yuk1) | Bug Bounty | 2021-11-05 | 2023-06-13 |
| 2083 | Privilege Escalation, worth of €300 | Broken Access Control, IDOR, Privilege escalation | NA | Hemant Kumar | Bug Bounty | 2021-11-12 | 2023-06-13 |
| 2010 | Exploiting S3 bucket with path folder to Access PII info of A BANK | AWS misconfiguration, Information disclosure | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2021-12-09 | 2023-06-13 |
| 1672 | Multiple Times I Hacked Duke University With RXSS Vulnerability!!! | Reflected XSS | Duke University | Amit Kumar (@Amitlt2) | Bug Bounty | 2022-04-02 | 2023-06-13 |
| 1669 | Hacked Instagram Handle Of Samsung…. | Broken link hijacking | Samsung | Amit Kumar (@Amitlt2) | Bug Bounty | 2022-04-03 | 2023-06-13 |
| 1665 | Hacked Nokia With Reflected Cross-site Scripting Vulnerability…. | Reflected XSS | Nokia | Amit Kumar (@Amitlt2) | Bug Bounty | 2022-04-04 | 2023-06-13 |
| 1606 | Open Redirection into Bentley System | XSS | Bentley Systems | Amit Kumar (@Amitlt2) | Bug Bounty | 2022-04-21 | 2023-06-13 |
| 1590 | Contact Point Deanonymization Vulnerability in Meta | Information disclosure | Meta / Facebook | Lokesh Kumar (@lokeshdlk77) | Bug Bounty | 2022-04-28 | 2023-06-13 |
| 1472 | 500$ Account Takeover | Account takeover, Information disclosure, HTTP response manipulation | Xsolla | Hemant Kumar | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1465 | Automating reflected XSS with burp-suite Intruder | Reflected XSS | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1448 | Account Takeover by OTP bypass | Information disclosure, Client-side enforcement of server-side security, OTP bypass, Account takeover | NA | Vaibhav Kumar Srivastava | Bug Bounty | 2022-06-19 | 2023-06-13 |
| 1402 | ($$$) Origin ip to account takeover | WAF bypass, Password reset, Host header injection, Account takeover | NA | Hemant Kumar | Bug Bounty | 2022-07-02 | 2023-06-13 |