Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 5197 | XSS without HTML: Client-Side Template Injection with AngularJS | CSTI, XSS | Google | Gareth Heyes (@garethheyes) | Bug Bounty | 2016-01-27 | 2023-06-13 |
| 5196 | How I got access to millions of [redacted] accounts | RFI | NA | Bitquark (@bitquark) | Bug Bounty | 2016-02-09 | 2023-06-13 |
| 5195 | A Hilarious ESET Broken Authentication Vulnerability (one click free purchase) | Authentication flaw, SQL injection | ESET | Mohamed A. Baset | Bug Bounty | 2016-02-12 | 2023-06-13 |
| 5194 | How I Hacked [Oculus] OAuth +Ebay +IBM | Unrestricted file upload, XSS | Meta / Facebook, Ebay, IBM, AnswerHub | Abdullah Hussam (@Abdulahhusam) | Bug Bounty | 2016-02-12 | 2023-06-13 |
| 5193 | Ubiquiti Bug Bounty: UniFi v3.2.10 Generic CSRF Protection Bypass | CSRF | Ubiquity Networks | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2016-02-23 | 2023-06-13 |
| 5192 | Hacking Magento eCommerce For Fun And 17.000 USD | Information disclosure, LFI, RFI | Adobe | Egidio Romano / EgiX | Bug Bounty | 2016-03-03 | 2023-06-13 |
| 5191 | SQL Injection On MEGA.NZ | SQL injection | MEGA | Naresh LamGade (@nlamgade) | Bug Bounty | 2016-03-11 | 2023-06-13 |
| 5190 | Command injection which got me "6000$" from #Google | OS command injection | Google | Venkatesh Sivakumar (@pranavvenkats) | Bug Bounty | 2016-03-15 | 2023-06-13 |
| 5189 | Uber Bug Bounty: Turning Self-XSS into Good-XSS | XSS | Uber | Jack Whitton (@fin1te) | Bug Bounty | 2016-03-22 | 2023-06-13 |
| 5188 | How I Could Compromise 4% (Locked) Instagram Accounts | IDOR, DoS, Authorization flaw | Meta / Facebook | Arne Swinnen (@ArneSwinnen) | Bug Bounty | 2016-03-27 | 2023-06-13 |
| 5187 | Watch Paint Dry: How I got a game on the Steam Store without anyone from Valve ever looking at it. | Authorization flaw, Logic flaw | Valve | Ruby Nealon (@_ruby) | Bug Bounty | 2016-03-29 | 2023-06-13 |
| 5186 | Obtaining Login Tokens for an Outlook, Office or Azure Account | CSRF | Microsoft | Jack Whitton (@fin1te) | Bug Bounty | 2016-04-03 | 2023-06-13 |
| 5185 | Facebook Invitees Email Address Disclosure | Information disclosure | Meta / Facebook | Shahar Albeck | Bug Bounty | 2016-04-03 | 2023-06-13 |
| 5184 | Yahoo Login Protection Seal – Stored CSS Injection | CSS injection | Yahoo! / Verizon Media | Brett Buerhaus (@bbuerhaus) | Bug Bounty | 2016-04-18 | 2023-06-13 |
| 5183 | ESEA Server-Side Request Forgery and Querying AWS Meta Data | SSRF | ESEA | Brett Buerhaus (@bbuerhaus) | Bug Bounty | 2016-04-18 | 2023-06-13 |
| 5182 | Facebook ClickJacking – How we put a new dress on Facebook UI | Clickjacking | Meta / Facebook | Mohamed A. Baset | Bug Bounty | 2016-04-22 | 2023-06-13 |
| 5181 | Official Telegram Web Client ClickJacking Vulnerability – When crypto is strong and client is weak | Clickjacking | Telegram | Mohamed A. Baset | Bug Bounty | 2016-04-28 | 2023-06-13 |
| 5180 | WhatsApp Clickjacking Vulnerability – Yet another web client failure! | Clickjacking | Meta / Facebook | Mohamed A. Baset | Bug Bounty | 2016-05-04 | 2023-06-13 |
| 5179 | Facebook movies recommendation vulnerability – A bug capable of erasing all your important notifications! | Logic flaw, DoS | Meta / Facebook | Mohamed A. Baset | Bug Bounty | 2016-05-05 | 2023-06-13 |
| 5178 | Poisoning the Well – Compromising GoDaddy Customer Support With Blind XSS | Blind XSS | GoDaddy | Matthew Bryant (@IAmMandatory) | Bug Bounty | 2016-05-08 | 2023-06-13 |
| 5177 | FirefoxOS Find My Device Service Clickjacking Bug results in Changing PINs, Wiping and Locking Phones! | Clickjacking | Mozilla | Mohamed A. Baset | Bug Bounty | 2016-05-12 | 2023-06-13 |
| 5176 | Fiverr.com Full Accounts Takeover – A Vulnerability Puts $50 Million Company At Risk | CSRF | Fiverr | Mohamed A. Baset | Bug Bounty | 2016-05-13 | 2023-06-13 |
| 5175 | Facebook Vulnerability – a "Cute Bug" that reveals the "likes" of deleted posts regardless of their privacy settings | Logic flaw | Meta / Facebook | Mohamed Aty (@m_aty) | Bug Bounty | 2016-05-13 | 2023-06-13 |
| 5174 | How I bypassed Facebook CSRF once again! | CSRF | Meta / Facebook | Pouya Darabi (@Pouyadarabi) | Bug Bounty | 2016-05-17 | 2023-06-13 |
| 5173 | Sleeping stored Google XSS Awakens a $5000 Bounty | Stored XSS | Google | Patrik Fehrenbach (@ITSecurityguard) | Bug Bounty | 2016-05-17 | 2023-06-13 |