Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
871Get Blind XSS within 5 Minutes — $100 Blind XSS NA Narayanan M Bug Bounty2022-11-032023-06-13
868Case of Admin Bypass for RCE, XSS, and Information Disclosure RCE Unrestricted file upload Stored XSS Information disclosure NA Sam Paredes (@caffeinevulns) Bug Bounty2022-11-032023-06-13
864PENTEST TALES: EXIF Data Manipulation Unrestricted file upload Stored XSS NA Armand Jasharaj Bug Bounty2022-11-052023-06-13
836Finding Reflected XSS In A Strange Way XSS NA Raymond Lind Bug Bounty2022-11-112023-06-13
829Winning QR with DOM-Based XSS | Bug Bounty POC DOM XSS NA Haroon Hameed (@HaroonHameed40) Bug Bounty2022-11-152023-06-13
817Got Another XSS using Double Encoding XSS NA ag3n7 Bug Bounty2022-11-172023-06-13
813Bypassing XSS filters using Double Encoding XSS WAF bypass NA ag3n7 (@ag3n7apk) Bug Bounty2022-11-182023-06-13
806Remediation Archeology — Finding and Decoding an Ancient XSS XSS NA Bend Theory (@bendtheory) Bug Bounty2022-11-182023-06-13
805Russian roulette XSS Blind XSS NA Splintersec (@splint3rsec) Bug Bounty2022-11-192023-06-13
803How i found 29 stored XSS in modern framework Stored XSS NA Dewanand Vishal (@dewcode91) Bug Bounty2022-11-202023-06-13
794Interesting Stored XSS via meta data Stored XSS NA Veshraj Ghimire (@GhimireVeshraj) Bug Bounty2022-11-222023-06-13
791CVE-2021-40662 Chamilo LMS 1.11.14 RCE Stored XSS CSRF RCE Chamilo LMS Febin Bug Bounty2021-11-232023-06-13
790XSS Vulnerability Found in ConnectWise Remote Access Platform With Great Potential For Misuse by Scammers Stored XSS ConnectWise Nati Tal Bug Bounty2022-11-232023-06-13
788How I get +10 SQLi and +30 XSS via Automation Tool SQL injection XSS NA Mahmoud Attia (@0xElkot) Bug Bounty2022-11-232023-06-13
773WebView XSS, account takeover Webview XSS Android Account takeover Improper Export of Android Application Components NA shafou Bug Bounty2022-11-262023-06-13
772A great weekend hack(worth $8k) SQL injection IDOR Stored XSS NA Manas Harsh (@ManasH4rsh) Bug Bounty2022-11-262023-06-13
770A Real World Example Of Classic Remote Command Execution (RCE) OS command injection XSS RCE NA Bhashit Pandya (@x30r_) Bug Bounty2022-11-262023-06-13
764Multiple Vulnerabilities found in Airtel Android Application Arbitrary Code Execution URL validation bypass Symlink attack XSS Android Webview Airtel Google Gaurang Bhatnagar (@hax0rgb) Bug Bounty2022-11-272023-06-13
759Cross-Site Scripting in CodeIgniter version 3.1.13 Reflected XSS Security code review CodeIgniter Antoine Cervoise Bug Bounty2022-11-292023-06-13
754Stored XSS at https://www.tiktok.com/ the name of the attacker’s account carrying XSS payload will be triggered when the victim Send Video Stored XSS TikTok Aidil Arief Bug Bounty2022-11-302023-06-13
751XSS on account.leagueoflegends.com via easyXDM [2016] XSS postMessage Riot Games Luke Young (@TheBoredEng) Bug Bounty2022-12-012023-06-13
742Multiple Vulnerabilities in Proxmox VE & Proxmox Mail Gateway XSS CRLF injection SSRF LFI Local Privilege Escalation Arbitrary file read Proxmox JianTao Li (@cursered) Bug Bounty2022-12-022023-06-13
736A $$$ worth of cookies! | Reflected DOM-Based XSS | Bug Bounty POC DOM XSS NA Haroon Hameed (@HaroonHameed40) Bug Bounty2022-12-032023-06-13
712Automate Cross-Site Scripting (XSS) exploitation with unusal events and Burp Intruder XSS WAF bypass NA Riccardo Malatesta (@seeu_inspace) Bug Bounty2022-12-102023-06-13
705How “I hacked the Dutch government and got the lousy t-shirt” XSS Dutch Government IamDEAD Bug Bounty2022-12-112023-06-13