Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3615 | How I was able to bypass the current password? | Account takeover, CSRF | NA | Ninad Mathpati (@ninad_mathpati) | Bug Bounty | 2020-03-11 | 2023-06-13 |
| 3595 | Hacking — Always Check the Cross-domain Policy | SOP bypass, CSRF | Starbucks | Jack | Bug Bounty | 2020-03-19 | 2023-06-13 |
| 3589 | Self XSS to Account Takeover | Account takeover, XSS, CSRF | NA | Ch3ckM4te | Bug Bounty | 2020-03-24 | 2023-06-13 |
| 3566 | Always escalate! From Self-XSS to Persistent XSS on Login Portal | Self-XSS, CSRF | NA | Phuriphat Boontanon (@zanezenzane) | Bug Bounty | 2020-04-02 | 2023-06-13 |
| 3559 | How a Simple CSRF Attack Turned into a P1 Level Bug | CSRF, Account takeover | NA | Lady Secspeare (@bejuveria_) | Bug Bounty | 2020-04-05 | 2023-06-13 |
| 3540 | CSRF to RCE bug chain in Prestashop v1.7.6.4 and below | RCE, CSRF, Stored XSS, Unrestricted file upload | PrestaShop | Sivanesh Ashok (@sivaneshashok) | Bug Bounty | 2020-04-18 | 2023-06-13 |
| 3516 | Account taken over in style !!! | Logic flaw, CSRF, Account takeover | NA | kishore hariram (@kishorehariram) | Bug Bounty | 2020-04-30 | 2023-06-13 |
| 3474 | Cors Blimey: The power of chaining CORS | CORS misconfiguration, Stored XSS, CSRF | NA | Hazana (@hazanasec) | Bug Bounty | 2020-05-17 | 2023-06-13 |
| 3432 | How I leveraged an interesting CSRF vulnerability to turn self XSS into a persistent attack? | Self-XSS, CSRF | NA | Akash Methani (@0xAkash) | Bug Bounty | 2020-06-01 | 2023-06-13 |
| 3414 | How i earned $500 from google by change one character . | CSRF | Google | Oday Alhalbe | Bug Bounty | 2020-06-06 | 2023-06-13 |
| 3400 | Let’s Bypass CSRF Protection & Password Confirmation to Takeover Victim Accounts :D | CSRF | NA | Harsh Bothra (@harshbothra_) | Bug Bounty | 2020-06-12 | 2023-06-13 |
| 3339 | CSRF Attack!!! | CSRF | NA | Bala Praneeth (@Begin_hunt) | Bug Bounty | 2020-07-04 | 2023-06-13 |
| 3338 | EN \| Account Takeover and Sensitive Data Leakage via CORS Misconfiguration | CORS misconfiguration, CSRF, Account takeover | NA | Lütfü Mert Ceylan (@lutfumertceylan) | Bug Bounty | 2020-07-04 | 2023-06-13 |
| 3316 | Tenda AC15 AC1900 Vulnerabilities Discovered and Exploited | CSRF, XSS, Hardcoded credentials, RCE | Tenda | Sanjana Sarda | Bug Bounty | 2020-07-10 | 2023-06-13 |
| 3276 | CSRF + Open Redirect To Account Takeover | CSRF, Open redirect, Account takeover | NA | R29k (@R29k_) | Bug Bounty | 2020-07-28 | 2023-06-13 |
| 3267 | Zoom Security Exploit – Cracking private meeting passwords | CSRF, Lack of rate limiting | Zoom | Tom Anthony (@TomAnthonySEO) | Bug Bounty | 2020-07-29 | 2023-06-13 |
| 3257 | Refocusing in bug hunting, Bonus: An interestingly simple to test CSRF bypass | CSRF | NA | Vuk Ivanovic | Bug Bounty | 2020-08-01 | 2023-06-13 |
| 3247 | CSRF PoC mistake that broke crucial functions for the end user/victim | Logic flaw | NA | Vuk Ivanovic | Bug Bounty | 2020-08-05 | 2023-06-13 |
| 3223 | Journey to my First Bug Hunt$$$$ | CSRF | NA | Bala Praneeth (@Begin_hunt) | Bug Bounty | 2020-08-13 | 2023-06-13 |
| 3183 | Unhiding the hidden | Client-side enforcement of server-side security, Authorization flaw, CSRF | NA | I am Broot | Bug Bounty | 2020-08-31 | 2023-06-13 |
| 3171 | My first bug in google and how i got CSRF token for victim account rather than bypass it ($1337)! | CSRF | Google | Oday Alhalbe | Bug Bounty | 2020-09-07 | 2023-06-13 |
| 3154 | My First Bug Bounty From Bug Bounty Platform redstorm.io | CSRF | RedStorm | Novan Aziz Ramadhan (@novan_rmd) | Bug Bounty | 2020-09-17 | 2023-06-13 |
| 3111 | Research: The mass CSRFing of *.google.com/* products. | CSRF | Google | Missoum Said (@missoum1307) | Bug Bounty | 2020-10-07 | 2023-06-13 |
| 3094 | Weaponizing XSS For Fun & Profit | XSS, CSRF | NA | Saad Ahmed (@XSaadAhmedX) | Bug Bounty | 2020-10-14 | 2023-06-13 |
| 2990 | Site Wide CSRF On Glassdoor | CSRF | Glassdoor | Tabahi (@_tabahi) | Bug Bounty | 2020-12-03 | 2023-06-13 |