Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4570Responsible disclosure: retrieving a user%27s private Facebook friends. Logic flaw Authorization flaw Information disclosure Meta / Facebook Riccardo Padovani (@rpadovani93) Bug Bounty2018-09-232023-06-13
4562Just another tale of severe bugs on a private program. Open redirect SSRF IDOR Logic flaw NA Siva Krishna Samireddi (@le4rner) Bug Bounty2018-09-282023-06-13
4560Hacking the Subway Android app Logic flaw Authorization flaw Subway Wesley Gahr (@wesley_gahr) Bug Bounty2018-09-282023-06-13
4553Facebook Bug Bounty: Email Id, Phone Number Can be exposed Through Business Manager Logic flaw Information disclosure Meta / Facebook Rohit kumar (@rohitcoder) Bug Bounty2018-10-032023-06-13
4552Exploiting an unknown vulnerability Logic flaw Payment tampering NA Abhishek Bundela (@abhibundela) Bug Bounty2018-10-032023-06-13
4549GoogleMeetRoulette: Joining random meetings Bruteforce Logic flaw Google Martin Vigo (@martin_vigo) Bug Bounty2018-10-042023-06-13
4541Make any Unit in Facebook Groups Undeletable Logic flaw IDOR Authorization flaw Meta / Facebook Sarmad Hassan (@JubaBaghdad) Bug Bounty2018-10-092023-06-13
4537Payment bypass Payment bypass Logic flaw NA Pratik Yadav (@PratikY9967) Bug Bounty2018-10-092023-06-13
4526Security teams Internal attachments can be exported via "Export as .zip" feature on HackerOne Logic flaw HackerOne Japz Divino (@japzdivino) Bug Bounty2018-10-172023-06-13
4522A possibility of Account Takeover in Medium Account takeover Logic flaw Medium Prashant Kumar (@notsoshant) Bug Bounty2018-10-202023-06-13
4521Harvesting all private invites using leave program fast-tracked invitation and security@ email forwarding feature Logic flaw HackerOne Japz Divino (@japzdivino) Bug Bounty2018-10-222023-06-13
4502Bypass HackerOne 2FA requirement and reporter blacklist Logic flaw MFA bypass Authentication flaw HackerOne Japz Divino (@japzdivino) Bug Bounty2018-10-312023-06-13
4475Facebook Vulnerability: Hiding from the view of Business Admin in the Business Manager Logic flaw Authorization flaw Meta / Facebook Ritish Kumar Singh Bug Bounty2018-11-152023-06-13
4466Bypassing “How I hacked Google’s bug tracking system itself for $15,600 in bounties.” Logic flaw Google Gopal Singh (@gopalsinghcse) Bug Bounty2018-11-172023-06-13
4456Bypassing Scratch Cards On Google Pay Logic flaw Google Pratheesh P Narayanan Bug Bounty2018-11-222023-06-13
4440Remotely Hijacking Zoom Clients Logic flaw Zoom David Wells Bug Bounty2018-12-032023-06-13
4431Facebook WhiteHat: Able to access group plan even after leaving the group Authorization flaw Logic flaw Meta / Facebook Family guy Bug Bounty2018-12-062023-06-13
4415Chaining Two Vulnerabilities to Break Facebook Appointment Times For the Second Time Logic flaw Application-level DoS Meta / Facebook Max Pasqua Bug Bounty2018-12-142023-06-13
4414Unremovable Tags In Facebook Page Reviews Logic flaw Meta / Facebook Max Pasqua Bug Bounty2018-12-142023-06-13
4363Facebook Vulnerability: Unremovable facebook group admin Logic flaw Meta / Facebook Ritish Kumar Singh Bug Bounty2019-01-152023-06-13
4341How I abused 2FA to maintain persistence after a password change (Google, Microsoft, Instagram, Cloudflare, etc) Logic flaw Authentication flaw Google Microsoft Meta / Facebook Luke Berner Bug Bounty2019-01-252023-06-13
4340Facebook Change Product Availability as a PageAnalyst Logic flaw Authorization flaw Meta / Facebook onehackzero Bug Bounty2019-01-252023-06-13
4338Misconfiguration-Whatsapp Messenger Logic flaw Meta / Facebook Pratheesh P Narayanan Bug Bounty2019-01-262023-06-13
4329$7.5k Google Cloud Platform organization issue Logic flaw Google Ezequiel Pereira (@epereiralopez) Bug Bounty2019-01-302023-06-13
4288How I Registered Multiple Accounts in PrivateInternetAccess VPN Service for FREE Logic flaw PrivateInternetAccess VPN Spade Bug Bounty2019-02-202023-06-13