Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 702 | Not usual CSP bypass case | Unrestricted file upload, XSS, CSP bypass | NA | Karol Mazurek | Bug Bounty | 2022-12-12 | 2023-06-13 |
| 691 | CVE-2021-43444 to 43449: Exploiting ONLYOFFICE Web Sockets for Unauthenticated Remote Code Execution | Websockets, XSS, RCE, Arbitrary file write, Path traversal | OnlyOffice | Iain Wallace (@strawp) | Bug Bounty | 2022-12-14 | 2023-06-13 |
| 689 | FlowscreenComponents Basepack, Version 3.0.7 Advisory | XSS, Security code review | UnofficialSF | Matthew Rutledge | Bug Bounty | 2022-12-15 | 2023-06-13 |
| 688 | Missing Bricks: Finding Security Holes in LEGO APIs | XSS, XXE | LEGO | Shiran Yodev | Bug Bounty | 2022-12-15 | 2023-06-13 |
| 686 | Param Hunting to Injections | HTML injection, XSS | NA | 302 Found | Bug Bounty | 2022-12-16 | 2023-06-13 |
| 685 | CVE-2022-42710: A journey through XXE to Stored-XSS | Stored XSS, XXE, Security code review | Linear | Omar Hashem (@OmarHashem666) | Bug Bounty | 2022-12-16 | 2023-06-13 |
| 682 | I Hope This Sticks: Analyzing ClipboardEvent Listeners for Stored XSS | Stored XSS, Self-XSS | Zoom | Eugene Lim (@spaceraccoonsec) | Bug Bounty | 2022-12-17 | 2023-06-13 |
| 679 | How I was able to steal users credentials via Swagger UI DOM-XSS | DOM XSS, Old components with known vulnerabilities | NA | Mohamed Reda (@M0x0101) | Bug Bounty | 2022-12-18 | 2023-06-13 |
| 678 | Better Make Sure Your Password Manager Is Secure | Hardcoded credentials, XSS, Cryptographic issues, Authorization flaw, Authentication bypass | Click Studios | kuekerino (@kuekerino) | Bug Bounty | 2022-12-19 | 2023-06-13 |
| 676 | How I found my first XSS on a Bug Bounty Program | XSS | Coinbase | Vikas Anand (@kingcoolvikas) | Bug Bounty | 2022-12-20 | 2023-06-13 |
| 666 | Zero Click To Account Takeover (IDOR + XSS) | IDOR, XSS, Account takeover | NA | Arman (@M7arm4n) | Bug Bounty | 2022-12-21 | 2023-06-13 |
| 657 | $350 XSS in 15 minutes | DOM XSS, JSONP | NA | Anton (@therceman) | Bug Bounty | 2022-12-23 | 2023-06-13 |
| 656 | Microsoft bug reports lead to ranking on Microsoft MSRC Quarterly Leaderboard (Q3 2022) | XSS | Microsoft | Supakiad S. (@Supakiad_Mee) | Bug Bounty | 2022-12-23 | 2023-06-13 |
| 649 | Uncovering a Bug I Found in Outlook: How Could an Account Has Been Compromised? | XSS | Microsoft | Cem Onat Karagun | Bug Bounty | 2022-12-26 | 2023-06-13 |
| 648 | How I found multiple critical bugs in Red Bull | Authentication bypass, HTTP response manipulation, Path traversal, LFI, XSS, SQL injection, RCE, Unrestricted file upload, RFI, Security code review | Red Bull | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-12-26 | 2023-06-13 |
| 645 | Stored XSS vulnerability in Microsoft booking | Stored XSS, CSP bypass | Microsoft | Mrtechghost | Bug Bounty | 2022-12-27 | 2023-06-13 |
| 637 | How I got a Bug At Apple that lead’s to takeover accounts of any user who view my profile | XSS, Account takeover | Apple | Abdelkader Mouaz (@hamzadzworm) | Bug Bounty | 2022-12-29 | 2023-06-13 |
| 636 | Exploring the World of ESI Injection | ESI injection, WAF bypass, XSS | NA | Sudhanshu Rajbhar (@sudhanshur705) | Bug Bounty | 2022-12-29 | 2023-06-13 |
| 633 | How I took over an admin panel and got $500 | Blind XSS, Account takeover | NA | Muhammed Mubarak | Bug Bounty | 2023-01-01 | 2023-06-13 |
| 629 | An amazing way to turn a xss into an ATO | XSS, Account takeover | NA | Naka | Bug Bounty | 2023-01-02 | 2023-06-13 |
| 628 | Web-Cache Poisoning $$$? Worth it? | Web cache poisoning, XSS | NA | Yaseen Zubair | Bug Bounty | 2023-01-02 | 2023-06-13 |
| 627 | Exploiting thousands of Domains for XSS | XSS | GoDaddy | Kailash (@Corrupted_brain) | Bug Bounty | 2023-01-02 | 2023-06-13 |
| 623 | Vue JS Reflected XSS | Reflected XSS, Blind XSS, CORS misconfiguration, UI redressing | NA | sid0krypt (@Siddhar07949650) | Bug Bounty | 2023-01-03 | 2023-06-13 |
| 622 | Fetch Diversion | DOM XSS | NA | Nicolas Christin (@acut3hack) | Bug Bounty | 2023-01-03 | 2023-06-13 |
| 617 | Blind XSS in Email Field; 1000$ bounty | Blind XSS | NA | Yaseen Zubair | Bug Bounty | 2023-01-05 | 2023-06-13 |