Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
404How I Used JS files inspection and Fuzzing to do admins/supports stuff Broken Access Control NA Fares Walid (@SirBagoza) Bug Bounty2023-02-232023-06-13
355Unauthorized Access To Admin Panel via Swagger Missing authentication Broken Access Control Coca-Cola Arman (@M7arm4n) Bug Bounty2023-03-042023-06-13
35330-Minute Heist: How I Bagged a $1500 Bounty in Just few Minutes! Broken Access Control Logic flaw NA Charlie : The Hacker Bug Bounty2023-03-042023-06-13
347Exposing Users Table From a Leaky GraphQL Query GraphQL Authorization flaw Broken Access Control NA Inderjeet Singh - encodedguy (@3nc0d3dGuY) Bug Bounty2023-03-062023-06-13
335Unauthorized access to Codespace secrets in GitHub Logic flaw Broken Access Control Account takeover GitHub Ophion Security (@OphionSecurity) Bug Bounty2023-03-072023-06-13
310The Time I Hacked Google’s Manual Actions Database Broken Access Control Authorization flaw Google Tom Anthony (@TomAnthonySEO) Bug Bounty2023-03-132023-06-13
268Joomla! CVE-2023-23752 to Code Execution Broken Access Control RCE Joomla! Jacob Baines (@Junior_Baines) Bug Bounty2023-03-232023-06-13
259High severity vulnerability fixed in WordPress Elementor Pro plugin. Broken Access Control Privilege Escalation Security code review Elementor Jerome Bruandet Bug Bounty2023-03-282023-06-13
213Account Take Over (Via an API) Account takeover Information disclosure Broken Access Control Cryptographic issues NA Thabiso Mokoena Bug Bounty2023-04-102023-06-13
196From Django Debug Mode to PII Data Leak of more than 500+ Employees due Broken Access Control and IDOR Debug mode enabled IDOR Information disclosure JWT Broken Access Control Exposed registration page NA Aayush Vishnoi (@AayushVishnoi10) Bug Bounty2023-04-142023-06-13
183How Material Security Uncovered a Vulnerability in the Gmail API Broken Access Control Authorization flaw Google Chris Long (@Centurion) Bug Bounty2023-04-182023-06-13
166Exploits Explained: Permission misconfiguration within Salesforce JavaScript Remoting tokens used for Apex Controllers Salesforce Security misconfiguration Broken Access Control NA Mahmoud Gamal (@Zombiehelp54) Bug Bounty2023-04-212023-06-13
103What is kong & why we’re relying on it RCE Sandbox escape Authentication bypass Hardcoded credentials Broken Access Control Privilege escalation JWT Konga Laluka (@TheLaluka) Bug Bounty2023-05-102023-06-13