Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4039The Bugs Are Out There, Hiding in Plain Sight IDOR SSRF Information disclosure CORS misconfiguration NA A Bug’z Life (@abugzlife1) Bug Bounty2019-07-152023-06-13
4038How I Could Get The Instagram Username of Anyone on Tinder Information disclosure Tinder Shahar Albeck Bug Bounty2019-07-162023-06-13
4037What do Netcat, SMTP and self XSS have in common? Stored XSS Stored XSS NA Plenum (@plenumlab) Bug Bounty2019-07-162023-06-13
4036Bypass CSRF With ClickJacking Worth $1250 CSRF Clickjacking NA Saad Ahmed (@XSaadAhmedX) Bug Bounty2019-07-162023-06-13
4035CSRF Email Confirmation Vulnerability for Gmail & G-Suite in Facebook CSRF Meta / Facebook Lokesh Kumar (@lokeshdlk77) Bug Bounty2019-07-162023-06-13
4034Facebook Informative Bug From Triaged Lack of rate limiting Meta / Facebook Circle Ninja (@circleninja) Bug Bounty2019-07-172023-06-13
4033How Recon helped me to to find a Facebook domain takeover Subdomain takeover Meta / Facebook Sudhanshu Rajbhar (@sudhanshur705) Bug Bounty2019-07-172023-06-13
4032Account Takeover Vulnerability :) Password reset Account takeover NA Sumit Jain (@sumit_cfe) Bug Bounty2019-07-172023-06-13
4031Сookie-based XSS exploitation | $2300 Bug Bounty story XSS NA Max (@iSecMax) Bug Bounty2019-07-172023-06-13
4030How to lock a GitHub user out of their repos (bug or feature?) DoS GitHub Teserakt AG Bug Bounty2019-07-182023-06-13
4029SQL Injection in Forget Password Function SQL injection NA Khaled Gaber Bug Bounty2019-07-182023-06-13
4028Microsoft Office 365 - Outlook XSS XSS Microsoft Abdulrahman Alqabandi (@Qab) Bug Bounty2019-07-192023-06-13
4027Microsoft ID Open Redirect Open redirect Microsoft Burninator Sec Bug Bounty2019-07-192023-06-13
4025Exploiting a Tricky Blind SQL Injection inside LIMIT clause SQL injection NA Rahul Maini (@iamnoooob) Bug Bounty2019-07-212023-06-13
4024Shopping Products For Free- Parameter Tampering Vulnerability Parameter tampering Payment tampering NA D1vy4n5hu 5hukl4 (@justm0rph3u5) Bug Bounty2019-07-212023-06-13
4022Not a fancy bug, just HTML Injection in Clause - clause.io (Write Up) HTML injection Clause Evan Ricafort (@evanricafort) Bug Bounty2019-07-212023-06-13
4021Reflected XSS in Ebay.com Reflected XSS Ebay Sukhmeet Singh (@MadGuyyy) Bug Bounty2019-07-222023-06-13
4020XSS On Twitter [Worth 1120$] XSS NA Bywalks (@bywalkss) Bug Bounty2019-07-222023-06-13
4019Pwning child company to get access to ParentCompany%27s Slack Team SQL injection Default credentials NA Parth Malhotra (@Parth_Malhotra)< Bug Bounty2019-07-232023-06-13
4018XX to XXX in one day Account takeover Parameter tampering WePay Baibhav Anand (@SpongeBhav) Bug Bounty2019-07-232023-06-13
4017Disclose any main and 3rd party contributors email address and movie local path thru XML file in Plex TV - plex.tv (Write Up) Information disclosure Internal path disclosure Plex Evan Ricafort (@evanricafort) Bug Bounty2019-07-242023-06-13
4016How I found the most critical bug in live bug bounty event? Password reset Account takeover NA Lakshay (@inn0c3ntd3v1L) Bug Bounty2019-07-242023-06-13
4015Price Parameter Tampering On Bukalapak Parameter tampering Payment tampering Bukalapak apapedulimu / Nosa Shandy (@LocalHost31337) Bug Bounty2019-07-242023-06-13
4014Full Account Takeover via Changing Email And Password of any User through API Parameters IDOR Password reset Account takeover NA Adesh Nandkishor kolte (@AdeshKolte) Bug Bounty2019-07-262023-06-13
4013Facebook BugBounty: Tale of an Instagram bug disclosing user’s phone number via checkpoint Information disclosure Meta / Facebook Bijan Murmu (@0xBijan) Bug Bounty2019-07-262023-06-13