| 4201 | Google Groups Authorization Bypass |
Authorization flaw |
Google |
Daniel Marad |
Bug Bounty | 2019-04-15 | 2023-06-13 |
| 4200 | How I hacked Vending Machine |
Violation of secure design principles |
NA |
Valeriy Shevchenko (@Krevetk0Valeriy) |
Bug Bounty | 2019-04-15 | 2023-06-13 |
| 4199 | Just 5 minute to get my 2nd stored XSS on Edmodo.com |
Stored XSS |
Edmodo |
ZishanAdThandar (@ZishanAdThandar) |
Bug Bounty | 2019-04-15 | 2023-06-13 |
| 4198 | How i found credential enriched redis dump |
File disclosure
Information disclosure |
NA |
Ashish Kunwar (@D0rkerDevil) |
Bug Bounty | 2019-04-16 | 2023-06-13 |
| 4197 | A $5000 IDOR… |
IDOR |
NA |
Mr.Hacker (@mr_hacker0007) |
Bug Bounty | 2019-04-16 | 2023-06-13 |
| 4196 | Banner Grabbing to DoS and Memory Corruption |
DoS
Information disclosure |
NA |
Daniel V. (@d4niel_v) |
Bug Bounty | 2019-04-16 | 2023-06-13 |
| 4195 | Code execution - Evernote |
RCE
Path traversal |
Evernote |
Dhiraj (@mishradhiraj_) |
Bug Bounty | 2019-04-17 | 2023-06-13 |
| 4194 | PDFReacter SSRF to ROOT Level Local File Read which led to RCE |
SSRF
RCE |
NA |
Armaan Pathan (@armaancrockroax) |
Bug Bounty | 2019-04-18 | 2023-06-13 |
| 4193 | Scary Tickets😨 |
Ticket Trick |
NA |
Rojan Rijal (@uraniumhacker) |
Bug Bounty | 2019-04-19 | 2023-06-13 |
| 4192 | Responsible disclosure: improper access control in Gitlab private project. |
Authorization flaw |
GitLab |
Riccardo Padovani (@rpadovani93) |
Bug Bounty | 2019-04-19 | 2023-06-13 |
| 4191 | Twitter - protected tweets exposure |
Information disclosure |
Twitter |
Terjanq (@terjanq) |
Bug Bounty | 2019-04-19 | 2023-06-13 |
| 4190 | [CONFIRMATION BYPASS ] |
Email verification bypass
Information disclosure |
NA |
Navneet (@na5n33t) |
Bug Bounty | 2019-04-21 | 2023-06-13 |
| 4189 | Ssrf to Read Local Files and Abusing the AWS metadata |
SSRF |
NA |
Pratik Yadav (@PratikY9967) |
Bug Bounty | 2019-04-21 | 2023-06-13 |
| 4187 | [XSS] Reflected XSS Bypass Filter |
Reflected XSS |
NA |
Mohamed Sayed (@FlEx0Geek) |
Bug Bounty | 2019-04-23 | 2023-06-13 |
| 4186 | Yet Other Examples of Abusing CSRF in Logout |
CSRF |
NA |
Soroush Dalili (@irsdl) |
Bug Bounty | 2019-04-23 | 2023-06-13 |
| 4185 | The neglected bug that can infect All Facebook users who pay for leads ads. |
CSV injection |
Meta / Facebook |
Hesham Watany |
Bug Bounty | 2019-04-23 | 2023-06-13 |
| 4184 | Facebook’s Burglary Shopping List |
Information disclosure |
Meta / Facebook |
John Moss (@x41x41x41) |
Bug Bounty | 2019-04-23 | 2023-06-13 |
| 4183 | Getting access to Zendesk’s Google Cloud and Artifactory from GitHub dotfile repos |
Information disclosure |
Zendesk |
Ruby Nealon (@_ruby) |
Bug Bounty | 2019-04-23 | 2023-06-13 |
| 4182 | A picture that steals data |
Information disclosure |
NA |
Sergey Kashatov (@iframe0x01) |
Bug Bounty | 2019-04-24 | 2023-06-13 |
| 4181 | CSRF Attack can lead to Stored XSS |
CSRF
Stored XSS |
NA |
Mohamed Sayed (@FlEx0Geek) |
Bug Bounty | 2019-04-25 | 2023-06-13 |
| 4180 | The journey of Web Cache + Firewall Bypass to SSRF to AWS credentials compromise! |
LFI
SSRF
WAF bypass
Cloudflare bypass |
NA |
Avinash Jain (@logicbomb_1) |
Bug Bounty | 2019-04-25 | 2023-06-13 |
| 4179 | Stealing local storage data through XSS |
Stored XSS
Account takeover |
NA |
Harshad Gaikwad (@h4rsh4d) |
Bug Bounty | 2019-04-25 | 2023-06-13 |
| 4178 | Missing Authorization check while deleting App Review for Marketing API |
Authorization flaw |
Meta / Facebook |
Family guy |
Bug Bounty | 2019-04-25 | 2023-06-13 |
| 4177 | [sidefx][Poc] user enumeration & no rate limeted in send message function |
Username enumeration
Lack of rate limiting |
SideFX |
Abdelhak Kharroubi |
Bug Bounty | 2019-04-26 | 2023-06-13 |
| 4176 | for PayPal security team,“get user balances and transaction details” is not a vulnerability! |
Information disclosure |
Paypal |
Todaro (@tod4ro) |
Bug Bounty | 2019-04-26 | 2023-06-13 |
