Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4090Facebook Vulnerability: Unremovable Co-Host in facebook group events Logic flaw Meta / Facebook Ritish Kumar Singh Bug Bounty2019-06-192023-06-13
4058Facebook Vulnerability: Unremovable Co-Host in facebook page events Logic flaw DoS Meta / Facebook Ritish Kumar Singh Bug Bounty2019-07-042023-06-13
3994No Rate limiting eligible for bounty ? Lack of rate limiting NA Smaran Chand (@smaranchand) Bug Bounty2019-08-032023-06-13
3970How I was able to earn 1000$ with just 10 minutes of bug bounty? Password reset NA Ninad Mathpati (@ninad_mathpati) Bug Bounty2019-08-172023-06-13
3953How i was able to exploit the same endpoint 2 times ( multiple xss & open Redirection on 10 subdomain) XSS Open redirect Sanity.io Ratnadip Gajbhiye (@scspcommunity) Bug Bounty2019-08-262023-06-13
3911How I able to Takeover 10 subdomains in a Private Program ? Subdomain takeover NA Mohamed Haron (@m7mdharon) Bug Bounty2019-09-202023-06-13
3892How a double-free bug in WhatsApp turns to RCE Memory corruption RCE Android Meta / Facebook Awakened Bug Bounty2019-10-022023-06-13
3877How I was able to bypass OTP code requirement in Razer [The story of a critical bug] OTP bypass Razer Ananda Dhakal (@dhakal_ananda) Bug Bounty2019-10-162023-06-13
3866Responsible denial of service with web cache poisoning DoS Web cache poisoning Tesla HackerOne Deliveroo Bitbucket Paypal Meta / Facebook Twitter James Kettle (@albinowax) Bug Bounty2019-10-242023-06-13
3858Cross Site Request Forgery Critical Exploitable IN Infected Site? CSRF NA Hossam Mesbah Bug Bounty2019-10-292023-06-13
3827This is How I was able to hunt a rare bug in a private program Missing authentication Privilege escalation NA Abida Fahd Bug Bounty2019-11-182023-06-13
3816Disable Any Unconfirmed Account in Facebook Bruteforce Meta / Facebook Lokesh Kumar (@lokeshdlk77) Bug Bounty2019-11-212023-06-13
3808Getting access to disabled/hidden features with the help of Burpsuite Match and Replace settings Authorization flaw NA Johns Simon (@Johnssimon22) Bug Bounty2019-11-272023-06-13
3789AirDoS: Remotely render any nearby iPhone or iPad unusable DoS Apple Kishan Bagaria (@KishanBagaria) Bug Bounty2019-12-102023-06-13
3782How I was able to find a logical bug on Instagram? Logic flaw Meta / Facebook Jabir Khan (@Jabirkhan0x0) Bug Bounty2019-12-132023-06-13
3721The trouble with Microsoft’s Troubleshooters RCE MiTM Microsoft Imre Rad (@ImreRad) Bug Bounty2020-01-152023-06-13
3709How I was able to take over any users account with host header injection Host header injection NA Ajay Gautam (@evilboyajay) Bug Bounty2020-01-232023-06-13
3696How I was able to takeover the company’s LinkedIn Page Broken link hijacking NA Vijaysimha Reddy Bathini (@fatratfatrat) Bug Bounty2020-01-292023-06-13
3688Responsible Disclosure: Breaking out of a Sandboxed Editor to perform RCE RCE HackerEarth Jatin Dhankhar (@jatindhankhar_) Bug Bounty2020-02-042023-06-13
3676How Inspect Element Got me a Bounty Client-side enforcement of server-side security NA Aditya Soni (@hetroublemakr) Bug Bounty2020-02-062023-06-13
3619Vulnerable design leads to personal data leakage- yet another case of an inter-application vulnerability… Logic flaw NA Marcin Szydlowski (@SecurityKsl) Bug Bounty2020-03-092023-06-13
3615How I was able to bypass the current password? Account takeover CSRF NA Ninad Mathpati (@ninad_mathpati) Bug Bounty2020-03-112023-06-13
3598How I was able to verify any contact number for my account? OTP bypass MFA bypass NA Paras Arora (@parasarora06) Bug Bounty2020-03-172023-06-13
3541How was i able to find privilege escalation. IDOR Authorization flaw NA Akshar Tank (@Akshar__tank) Bug Bounty2020-04-182023-06-13
3506Private Dashboards were accessible by other Admins in Analytics Dashboard Authorization flaw Meta / Facebook Rohit kumar (@rohitcoder) Bug Bounty2020-05-022023-06-13