Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4060Story of a stored xss to full account takeover vulnerability(N/A to accepted) Stored XSS NA Jatin Aesthetic (@techyfreakk) Bug Bounty2019-07-042023-06-13
4059Account Takeover Using CSRF(json-based) CSRF Account takeover NA shub rathore (@shub66452) Bug Bounty2019-07-042023-06-13
4052OAuth authentication bypass on Airbnb acquisition using 1-char Open Redirect Open redirect Token leak Account takeover Airbnb Evgeniy Yakovchuk (@h1_sp1d3r) Bug Bounty2019-07-102023-06-13
4051Tale of account takeover — Sensitive info Disclosure + Broken Access Control IDOR Account takeover NA Md Saqib (@sakyb7) Bug Bounty2019-07-102023-06-13
4046Account takeover on Airbnb acquisition | An Unusual Bug Part-2 🐛 IDOR Account takeover Airbnb PRince CHaddha (@princechaddha) Bug Bounty2019-07-132023-06-13
4032Account Takeover Vulnerability :) Password reset Account takeover NA Sumit Jain (@sumit_cfe) Bug Bounty2019-07-172023-06-13
4018XX to XXX in one day Account takeover Parameter tampering WePay Baibhav Anand (@SpongeBhav) Bug Bounty2019-07-232023-06-13
4016How I found the most critical bug in live bug bounty event? Password reset Account takeover NA Lakshay (@inn0c3ntd3v1L) Bug Bounty2019-07-242023-06-13
4014Full Account Takeover via Changing Email And Password of any User through API Parameters IDOR Password reset Account takeover NA Adesh Nandkishor kolte (@AdeshKolte) Bug Bounty2019-07-262023-06-13
4012Story about Facebook Oauth Account Takeover Account takeover OAuth iLOTTE Zerb0a Bug Bounty2019-07-262023-06-13
4009Old GitHub Profile Takeover! Github account takeover NA Mohamed Haron (@m7mdharon) Bug Bounty2019-07-282023-06-13
4005Paypal bug $10K - All Secondary users account takeover leads to unauthorized money transfer from paypal business accounts IDOR Paypal Mohd haji (@mohdhaji24) Bug Bounty2019-07-302023-06-13
3984Writing my Medium blog to complete account takeover Stored XSS Account takeover Medium Rotem Reiss (@rotem_reiss) Bug Bounty2019-08-092023-06-13
3973BookMyShow account takeover using social login OAuth Account takeover BookMyShow Sukhmeet Singh (@MadGuyyy) Bug Bounty2019-08-152023-06-13
3957From Github Recon To Account Takeover Information disclosure Account takeover NA Dipak kumar Das (@d1pakdas) Bug Bounty2019-08-242023-06-13
3954How I Hacked Instagram Again Password reset Account takeover Meta / Facebook Laxman Muthiyah (@LaxmanMuthiyah) Bug Bounty2019-08-262023-06-13
3941Readme.com Account Takeover Password reset Readme.com Ankush Goel (@0xankush) Bug Bounty2019-09-052023-06-13
3918How I found a simple and weird Account takeover bug Account takeover Missing authentication NA Bijan Murmu (@0xBijan) Bug Bounty2019-09-142023-06-13
3906[Case Study] OAuth Misconfiguration leads to Account Takeover OAuth Account takeover NA Gaurang Bhatnagar (@0xgaurang) Bug Bounty2019-09-212023-06-13
3889How I made 1000$ with AT&T Bug Bounty(H1) CSRF Account takeover AT&T Adesh Nandkishor kolte (@AdeshKolte) Bug Bounty2019-10-022023-06-13
3859XSS to Account Takeover XSS CSRF NA Tomi (@noobe_io) Bug Bounty2019-10-292023-06-13
3848How I Hacked Dutch Government in 5 Minutes? Twitter Account Takeover Broken link hijacking Dutch Government Numan ÖZDEMİR (@numanozdemircom) Bug Bounty2019-11-062023-06-13
3835Chains on Chains!! Chaining several IDOR’s into Account Takeover(PART ONE) IDOR NA Daniel Marte (@DanielM59720745) Bug Bounty2019-11-152023-06-13
3813Exploiting padding oracles with fixed IVs Padding oracle attack Account takeover NA Teddy Katz (@not_aardvark) Bug Bounty2019-11-232023-06-13
3812The AccountTakeOver Killing Chain Account takeover CSRF Self-XSS NA أنس روبي (@xhzeem) Bug Bounty2019-11-232023-06-13