Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 613 | Advanced CSRF Exploitation | CSRF, Stored XSS | NA | Sandro Einfeldt | Bug Bounty | 2023-01-07 | 2023-06-13 |
| 606 | Hacking Hackers for fun and profit | Self-XSS, Blind XSS | NA | Valeriy Shevchenko (@Krevetk0Valeriy) | Bug Bounty | 2023-01-09 | 2023-06-13 |
| 604 | “2022: A Year of Fascinating Discoveries” | CSRF, SSRF, Blind XSS, Password reset, Hyperlink injection, IDOR, Weak credentials, AWS misconfiguration | NA | dhakal_bibek (@dhakal__bibek) | Bug Bounty | 2023-01-09 | 2023-06-13 |
| 590 | XSS using postMessage in Google Cloud Theia notebooks [Google VRP] | XSS, postMessage | Google | Sreeram KL (@kl_sree) | Bug Bounty | 2023-01-15 | 2023-06-13 |
| 581 | DOM-Based XSS for fun and profit $$$! \| Bug Bounty POC | DOM XSS | NA | Haroon Hameed (@HaroonHameed40) | Bug Bounty | 2023-01-17 | 2023-06-13 |
| 561 | CSRF + Stored XSS Leading to Full Account Takeover | Stored XSS, CSRF, Account takeover | NA | Fares Walid (@SirBagoza) | Bug Bounty | 2023-01-20 | 2023-06-13 |
| 558 | Bypassing Cloudflare WAF: XSS via SQL Injection | Reflected XSS, SQL injection, WAF bypass | NA | Uku Sõrmus | Bug Bounty | 2023-01-21 | 2023-06-13 |
| 557 | How I found XSS on Admin Page without login! | Reflected XSS | NA | Abdelrhman Allam (@sl4x0) | Bug Bounty | 2023-01-22 | 2023-06-13 |
| 556 | Reflected XSS Leads to 3,000$ Bug Bounty Rewards from Microsoft Forms | Reflected XSS | Microsoft | Supakiad S. (@Supakiad_Mee) | Bug Bounty | 2023-01-22 | 2023-06-13 |
| 544 | MyBB <= 1.8.31: Remote Code Execution Chain | RCE, SQL injection, Stored XSS | MyBB | Aleksey Solovev | Bug Bounty | 2023-01-25 | 2023-06-13 |
| 541 | OpenEMR - Remote Code Execution in your Healthcare System | RCE, XSS, LFI, Arbitrary file read, Security code review | OpenEMR | Dennis Brinkrolf (@DBrinkrolf) | Bug Bounty | 2023-01-26 | 2023-06-13 |
| 528 | Blind XSS To SSRF | Blind XSS, SSRF | NA | Akash c | Bug Bounty | 2023-01-29 | 2023-06-13 |
| 527 | How I was able to find 4 Cross-site scripting (XSS) on vulnerability disclosure program ? | XSS | NA | DrakenKun | Bug Bounty | 2023-01-29 | 2023-06-13 |
| 514 | RCE in Avaya Aura Device Services | RCE, Security code review, XSS, WebDAV | Avaya | Dylan Pindur | Bug Bounty | 2023-02-01 | 2023-06-13 |
| 503 | Discovering 5 XSS Vulnerabilities In a Simple Way With Xssor.go | Reflected XSS | NA | Fares Walid (@SirBagoza) | Bug Bounty | 2023-02-02 | 2023-06-13 |
| 500 | Play with Google, Twitter, Apple, Dell | XSS, HTML injection, IDOR, Information disclosure | Google, Twitter, Apple, Dell | rezaduty (@rezaduty) | Bug Bounty | 2023-02-03 | 2023-06-13 |
| 498 | postMessage DOM XSS vulnerability in Gartner Peer Insights widget | postMessage, DOM XSS | Gartner, Gradle, LogRhythm, SentinelOne, Synopsys, Veeam, Vodafone, Black Kite, ReversingLabs, Tata Communications | Justin Steven (@justinsteven) | Bug Bounty | 2023-02-04 | 2023-06-13 |
| 497 | SSO Gadgets: Escalate (Self-)XSS to ATO | SSO, OAuth, Account takeover, Self-XSS, Login CSRF | NA | Lauritz Holtmann (@_lauritz_) | Bug Bounty | 2023-02-04 | 2023-06-13 |
| 494 | How we made $120k bug bounty in a year with good automation | XSS, Security misconfiguration, Log4shell, Debug mode enabled | NA | Dawid Moczadło (@kannthu1) | Bug Bounty | 2023-02-06 | 2023-06-13 |
| 489 | A zero day for the government’s “demo servers” and internal networks | XSS | NA | fopwn | Bug Bounty | 2023-02-06 | 2023-06-13 |
| 481 | Reflected XSS on Target with tough WAF ( WAF Bypass ) | Reflected XSS, WAF bypass | NA | Eagle_92 | Bug Bounty | 2023-02-08 | 2023-06-13 |
| 451 | Securing Open-Source Solutions: A Study of osTicket Vulnerabilities | Stored XSS, Reflected XSS, SQL injection, Session fixation | osTicket | Miguel Correia | Bug Bounty | 2023-02-14 | 2023-06-13 |
| 447 | XSS on The MOST Popular Movie Ticket website. | XSS | NA | Tarang Parmar | Bug Bounty | 2023-02-15 | 2023-06-13 |
| 435 | Hacking the Search Bar: The Story of Discovering and Reporting an XSS Vulnerability on Bing.com | XSS | Microsoft (Bing) | Niraj Mahajan | Bug Bounty | 2023-02-18 | 2023-06-13 |
| 431 | Reflected Cross Site Scripting (Awards 3500$ bounty) | Reflected XSS | Shopify | ShuttlerTech | Bug Bounty | 2023-02-20 | 2023-06-13 |