Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4065How I escalated RFI into LFI RFI LFI NA Hassan Khan Yusufzai (@Splint3r7) Bug Bounty2019-07-012023-06-13
4064Another Download Protection Bypass in Google Chrome – BIN files in Mac OS Browser hacking Google Nightwatch Cybersecurity (@nightwatchcyber) Bug Bounty2019-07-022023-06-13
4062Yeah! I got P2 in 1 minute - Stored XSS via Markdown Editor Stored XSS NA Schopath Bug Bounty2019-07-022023-06-13
4061Finding hidden gems vol. 4: Rakefile a.k.a. how to get AWS keys again Information disclosure NA Mateusz Olejarka (@molejarka) Bug Bounty2019-07-032023-06-13
4060Story of a stored xss to full account takeover vulnerability(N/A to accepted) Stored XSS NA Jatin Aesthetic (@techyfreakk) Bug Bounty2019-07-042023-06-13
4059Account Takeover Using CSRF(json-based) CSRF Account takeover NA shub rathore (@shub66452) Bug Bounty2019-07-042023-06-13
4058Facebook Vulnerability: Unremovable Co-Host in facebook page events Logic flaw DoS Meta / Facebook Ritish Kumar Singh Bug Bounty2019-07-042023-06-13
4057This is how I managed to win $2000 through Facebook Bug Bounty Logic flaw Meta / Facebook Saugat Pokharel (@saugatpk5) Bug Bounty2019-07-042023-06-13
4056Blind (time-based) SQLi - Bug Bounty SQL injection NA jspin (@jespinhara) Bug Bounty2019-07-052023-06-13
4055Cleartext password in LocalStorage (Writeup) Violation of secure design principles NA ruvlol Bug Bounty2019-07-072023-06-13
4054Information Disclosure via Misconfigured AWS to AWS Bucket Takeover AWS misconfiguration NA Pratyush Anjan Sarangi Bug Bounty2019-07-082023-06-13
4053A malicious editor of a page can support to a community action which can’t be unsupported by the admin! Authorization flaw Meta / Facebook mAshraf Bug Bounty2019-07-092023-06-13
4052OAuth authentication bypass on Airbnb acquisition using 1-char Open Redirect Open redirect Token leak Account takeover Airbnb Evgeniy Yakovchuk (@h1_sp1d3r) Bug Bounty2019-07-102023-06-13
4051Tale of account takeover — Sensitive info Disclosure + Broken Access Control IDOR Account takeover NA Md Saqib (@sakyb7) Bug Bounty2019-07-102023-06-13
4050SQL Injection Bug Bounty POC! SQL injection NA Arif-ITSEC111 Bug Bounty2019-07-112023-06-13
4049Story of my Biggest Bounty ever : Command Execution on Jenkins RCE Exposed Jenkins instance NA Jay Jani (@JayJani007) Bug Bounty2019-07-112023-06-13
4048XSS on Google Custom Search Engine XSS Google KL Sreeram (@kl_sree) Bug Bounty2019-07-112023-06-13
4047Facebook Bug bounty page admin disclose bug {Facebook Android app} Information disclosure Meta / Facebook Yusuf Furkan (@h1_yusuf) Bug Bounty2019-07-122023-06-13
4046Account takeover on Airbnb acquisition | An Unusual Bug Part-2 🐛 IDOR Account takeover Airbnb PRince CHaddha (@princechaddha) Bug Bounty2019-07-132023-06-13
4045Hacking intoTinder’s Premium Model Authorization flaw Tinder Sanskar Jethi (@sansyrox) Bug Bounty2019-07-142023-06-13
4044Cracking my windshield and earning $10,000 on the Tesla Bug Bounty Program Blind XSS Tesla Sam Curry (@samwcyo) Bug Bounty2019-07-142023-06-13
4043How I Could Have Hacked Any Instagram Account Race condition Rate limiting bypass Meta / Facebook Laxman Muthiyah (@LaxmanMuthiyah) Bug Bounty2019-07-142023-06-13
4042[TOKOPEDIA] Site-wide CSRF through GraphQL request CSRF Tokopedia Rafie Muhammad (@rafiem777) Bug Bounty2019-07-152023-06-13
4041Facebook Bug : Sending messages as a page with jobmanager permission Authorization flaw Privilege escalation Meta / Facebook Devansh batham (@devanshwolf) Bug Bounty2019-07-152023-06-13
4040500$ bounty: Man in the Middle on Slack MiTM Slack Wiard van Rij / Sysrant (@RijWiard) Bug Bounty2019-07-152023-06-13