Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1037 | Blind XSS on Admin Portal Leads to Information Disclosure | Blind XSS | NA | Rohit Kumar (Rohit_443) | Bug Bounty | 2022-09-24 | 2023-06-13 |
| 1036 | Escalating SSTI to Reflected XSS using curly braces {} | SSTI, XSS | NA | Sagar Sajeev (@Sagar__Sajeev) | Bug Bounty | 2022-09-24 | 2023-06-13 |
| 1035 | Stored XSS in Nvidia via Angular JS template injection | CSTI, Stored XSS | Nvidia | Mohamed Abdelhady | Bug Bounty | 2022-09-25 | 2023-06-13 |
| 1019 | CVE-2022-37461: Two Reflected XSS Vulnerabilities in Canon Medical’s Vitrea View | Reflected XSS | Canon | Jordan Hedges | Bug Bounty | 2022-09-29 | 2023-06-13 |
| 1017 | XSS through DHCP: How Attackers Use Standards | XSS | NA | Dylan Ross | Bug Bounty | 2022-09-29 | 2023-06-13 |
| 1010 | Zoneminder – Web App Testing – Oct 2022 | DoS, Log injection, CSRF, Stored XSS | ZoneMinder | Trenches of IT (@TrenchesofIT) | Bug Bounty | 2022-09-30 | 2023-06-13 |
| 993 | Mr. Robot: Self Xss from Informative to high 1200$ ,csrf, open redirect,self xss to stored | Self-XSS, CSRF | NA | Ahmad A Abdulla (@lu3ky13) | Bug Bounty | 2022-10-06 | 2023-06-13 |
| 982 | Reflected cross-site scripting vulnerability in Crealogix EBICS implementation | Reflected XSS | CREALOGIX AG | Tobias Ospelt (@floyd_ch) | Bug Bounty | 2022-10-10 | 2023-06-13 |
| 969 | $6000 with Microsoft Hall of Fame \| Microsoft Firewall Bypass \| CRLF to XSS \| Microsoft Bug Bounty | CRLF injection, XSS | Microsoft | Neh Patel (@thecyberneh) | Bug Bounty | 2022-10-12 | 2023-06-13 |
| 951 | How I Got $10,000 From GitHub For Bypassing Filtration of HTML tags | XSS | GitHub | Saajan Bhujel (@saajanbhujel) | Bug Bounty | 2022-10-16 | 2023-06-13 |
| 947 | Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1 | RCE, XSS | HelpSystems | Rio (@0x09AL) | Bug Bounty | 2022-10-17 | 2023-06-13 |
| 939 | Vulnerabilities in Tenda's W15Ev2 AC1200 Router | OS command injection, Buffer Overflow, Memory corruption, Stored XSS, Authorization flaw, Information disclosure | Tenda | Olivier Laflamme (@olivier_boschko) | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 937 | Scan QR Code and Got Hacked (CVE-2021–43530 : UXSS on Firefox Android Version) | Universal XSS, Android | Mozilla | hafiizh | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 934 | FabriXss (CVE-2022-35829): How We Managed to Abuse a Custom Role User Using CSTI and Stored XSS in Azure Fabric Explorer | CSTI, Stored XSS | Microsoft | Lidor Ben Shitrit | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 916 | How I Found A Simple Stored XSS | Stored XSS | NA | Raymond Lind | Bug Bounty | 2022-10-24 | 2023-06-13 |
| 914 | 5000$ for Apple Stored Xss And Another Blind Xss Still under review | Blind XSS | Apple | Abdelkader Mouaz (@hamzadzworm) | Bug Bounty | 2022-10-24 | 2023-06-13 |
| 908 | Chaining multiple vulnerabilities for credential stealing | CSRF, Self-XSS, XSS | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-10-25 | 2023-06-13 |
| 906 | GL.iNET GL-MT300N-V2 Router Vulnerabilities and Hardware Teardown | OS command injection, Arbitrary file read, Information disclosure, Account takeover, Stored XSS, Lack of rate limiting, Weak credentials, Password policy bypass | GL.iNet | Olivier Laflamme (@olivier_boschko) | Bug Bounty | 2022-10-26 | 2023-06-13 |
| 905 | Stored XSS To Cookie Exfiltration | Stored XSS | NA | Raymond Lind | Bug Bounty | 2022-10-26 | 2023-06-13 |
| 903 | SSD Advisory – Galaxy Store Applications Installation/Launching without User Interaction | XSS | Samsung | - | Bug Bounty | 2022-10-26 | 2023-06-13 |
| 895 | Visual Studio Code Jupyter Notebook RCE | RCE, XSS, Arbitrary file read, Electron | Microsoft | Luca Carettoni (@lucacarettoni) | Bug Bounty | 2022-10-27 | 2023-06-13 |
| 890 | CVE-2022-22241: Juniper SSLVPN / JunOS RCE and Multiple Vulnerabilities | RCE, Phar deserialization, Reflected XSS, XPATH injection, Path traversal, LFI | Juniper | Paulos Yibelo (@PaulosYibelo) | Bug Bounty | 2022-10-28 | 2023-06-13 |
| 887 | Exploiting Static Site Generators: When Static Is Not Actually Static | SSRF, XSS, Security code review | Netlify, Gatsby | Shubham Shah (@infosec_au) | Bug Bounty | 2022-10-28 | 2023-06-13 |
| 881 | Safari is hot-linking images to semi-random websites | Browser hacking, XSS | Apple | Gareth Heyes (@garethheyes) | Bug Bounty | 2022-10-31 | 2023-06-13 |
| 878 | How I Get 5x Swag From Sony | DOM XSS, Directory listing, Default credentials, Information disclosure | Sony | Naeem Ahmed Sayed (@0xNaeem) | Bug Bounty | 2022-11-02 | 2023-06-13 |