| 4484 | Clickjacking on Google MyAccount Worth 7,500$ |
Clickjacking |
Google |
apapedulimu / Nosa Shandy (@LocalHost31337) |
Bug Bounty | 2018-11-11 | 2023-06-13 |
| 4483 | OLX Reflected XSS on Resend Code link !! |
Reflected XSS |
OLX |
Harshad Gaikwad (@h4rsh4d) |
Bug Bounty | 2018-11-12 | 2023-06-13 |
| 4482 | Chain exploitation of XSS |
DOM XSS
Clickjacking
CSRF |
NA |
Mikhail Klyuchnikov (@__Mn1__) |
Bug Bounty | 2018-11-12 | 2023-06-13 |
| 4481 | Patched Facebook Vulnerability Could Have Exposed Private Information About You and Your Friends |
CSRF
Information disclosure |
Meta / Facebook |
Ron Masas (@RonMasas) |
Bug Bounty | 2018-11-13 | 2023-06-13 |
| 4480 | [DOM based XSS] Or why you should not rely on Cloudflare too much |
DOM XSS |
NA |
KatsuragiCSL (@ZuuitterE) |
Bug Bounty | 2018-11-13 | 2023-06-13 |
| 4479 | OOB XXE in PrizmDoc (CVE-2018–15805) |
OOB XXE |
PrizmDoc |
Nik srivastava |
Bug Bounty | 2018-11-13 | 2023-06-13 |
| 4478 | Spoof All Domains Containing %27d%27 in Apple Products [CVE-2018-4277] |
Browser hacking |
Apple |
Tencent%27s Xuanwu Lab |
Bug Bounty | 2018-11-13 | 2023-06-13 |
| 4477 | Breaking Appointments and Job Interview Schedules With Malformed Times |
DoS |
Meta / Facebook |
Max Pasqua |
Bug Bounty | 2018-11-14 | 2023-06-13 |
| 4476 | How I Discovered XSS that Affects around 20 Uber Subdomains |
XSS |
Uber |
Fady Othman (@Fady_Othman) |
Bug Bounty | 2018-11-14 | 2023-06-13 |
| 4475 | Facebook Vulnerability: Hiding from the view of Business Admin in the Business Manager |
Logic flaw
Authorization flaw |
Meta / Facebook |
Ritish Kumar Singh |
Bug Bounty | 2018-11-15 | 2023-06-13 |
| 4473 | Creating unauthorized comments on Facebook Live Stream! |
Privilege escalation
Authorization flaw |
Meta / Facebook |
Binit Ghimire (@WHOISbinit) |
Bug Bounty | 2018-11-16 | 2023-06-13 |
| 4472 | Spoofing file extensions on HackerOne |
Unrestricted file upload |
HackerOne |
Anurag Jain (@csanuragjain) |
Bug Bounty | 2018-11-16 | 2023-06-13 |
| 4471 | HackenProof Customer Story: Uklon |
XSS
IDOR
Blind XSS
Account takeover |
Uklon |
HackenProof (@hackenproof) |
Bug Bounty | 2018-11-16 | 2023-06-13 |
| 4470 | [POC] Cross-Site Scripting on Garuda Indonesia Website |
XSS |
Garuda Indonesia |
Arif-ITSEC111 |
Bug Bounty | 2018-11-16 | 2023-06-13 |
| 4469 | XSS in hidden input fields |
XSS |
NA |
Gareth Heyes (@garethheyes) |
Bug Bounty | 2018-11-16 | 2023-06-13 |
| 4468 | Microsoft BingPlaces Business - (url) Redirect Vulnerability |
Open redirect |
Microsoft |
Benjamin K.M. |
Bug Bounty | 2018-11-16 | 2023-06-13 |
| 4466 | Bypassing “How I hacked Google’s bug tracking system itself for $15,600 in bounties.” |
Logic flaw |
Google |
Gopal Singh (@gopalsinghcse) |
Bug Bounty | 2018-11-17 | 2023-06-13 |
| 4465 | Edmodo XSS Bug |
XSS |
Edmodo |
Sameer Phad (@sameerphad72) |
Bug Bounty | 2018-11-18 | 2023-06-13 |
| 4464 | From Security Misconfiguration to Gaining Access of SMTP server |
File disclosure |
NA |
Daniel V. (@d4niel_v) |
Bug Bounty | 2018-11-18 | 2023-06-13 |
| 4463 | XSS bypass using META tag in realestate.postnl.nl |
XSS |
post.nl |
Prial Islam Khan (@prial261) |
Bug Bounty | 2018-11-18 | 2023-06-13 |
| 4462 | Youtube - Open redirection |
Open redirect |
Google |
Barak Tawily (@quitten11) |
Bug Bounty | 2018-11-19 | 2023-06-13 |
| 4461 | XS-Searching Google’s bug tracker to find out vulnerable source code |
XS-Search
Information disclosure |
Google |
Luan Herrera (@lbherrera_) |
Bug Bounty | 2018-11-19 | 2023-06-13 |
| 4460 | How I Hacked Netflix users & Use it free forever |
Cookie injection
Privilege escalation |
Netflix |
Blueberryinfosec (@bbinfosec) |
Bug Bounty | 2018-11-19 | 2023-06-13 |
| 4459 | How i Found Information Disclosure on Scribd.com |
CSRF |
Scribd.com |
Zerb0a |
Bug Bounty | 2018-11-22 | 2023-06-13 |
| 4458 | An interesting XXE in SAP. |
XXE |
SAP |
Zain Sabahat (@Zain_Sabahat) |
Bug Bounty | 2018-11-22 | 2023-06-13 |
