| 4216 | Edmodo — IDOR to view private files of any class |
IDOR |
Edmodo |
Rohan Pagey (@rohan_x3) |
Bug Bounty | 2019-04-06 | 2023-06-13 |
| 4203 | How I gained access to revenue and traffic data of thousands of Shopify stores |
IDOR |
Shopify |
Ayoub Fathi (@_ayoubfathi_) |
Bug Bounty | 2019-04-15 | 2023-06-13 |
| 4197 | A $5000 IDOR… |
IDOR |
NA |
Mr.Hacker (@mr_hacker0007) |
Bug Bounty | 2019-04-16 | 2023-06-13 |
| 4116 | IDOR Leads To Project Takeover |
IDOR |
NA |
Hariharan.s (@DJHARIZ1) |
Bug Bounty | 2019-06-09 | 2023-06-13 |
| 4115 | Account takeover using IDOR and the misleading case of error 403. |
IDOR |
NA |
Plenum (@plenumlab) |
Bug Bounty | 2019-06-11 | 2023-06-13 |
| 4110 | How spending our Saturday hacking earned us 20k |
IDOR |
NA |
Matti Bijnens (@MattiBijnens) |
Bug Bounty | 2019-06-14 | 2023-06-13 |
| 4109 | IDOR — Account Takeover |
IDOR |
NA |
Saad Ahmed (@XSaadAhmedX) |
Bug Bounty | 2019-06-14 | 2023-06-13 |
| 4086 | IDOR: Payment Fraud |
IDOR
Payment tampering |
NA |
Vibhurushi Chotaliya (@_Vibhurushi_) |
Bug Bounty | 2019-06-20 | 2023-06-13 |
| 4080 | Password Reset Vulnerability — Full Account takeover (Insecure Direct Object Reference) |
Password reset
IDOR
Account takeover |
NA |
Muhammad Asim Shahzad (@protector47) |
Bug Bounty | 2019-06-22 | 2023-06-13 |
| 4066 | Accidental IDOR |
IDOR |
NA |
Saad Ahmed (@XSaadAhmedX) |
Bug Bounty | 2019-07-01 | 2023-06-13 |
| 4051 | Tale of account takeover — Sensitive info Disclosure + Broken Access Control |
IDOR
Account takeover |
NA |
Md Saqib (@sakyb7) |
Bug Bounty | 2019-07-10 | 2023-06-13 |
| 4046 | Account takeover on Airbnb acquisition | An Unusual Bug Part-2 🐛 |
IDOR
Account takeover |
Airbnb |
PRince CHaddha (@princechaddha) |
Bug Bounty | 2019-07-13 | 2023-06-13 |
| 4039 | The Bugs Are Out There, Hiding in Plain Sight |
IDOR
SSRF
Information disclosure
CORS misconfiguration |
NA |
A Bug’z Life (@abugzlife1) |
Bug Bounty | 2019-07-15 | 2023-06-13 |
| 4014 | Full Account Takeover via Changing Email And Password of any User through API Parameters |
IDOR
Password reset
Account takeover |
NA |
Adesh Nandkishor kolte (@AdeshKolte) |
Bug Bounty | 2019-07-26 | 2023-06-13 |
| 4008 | Story of an IDOR via Email |
IDOR |
NA |
Shuaib Oladigbolu (@_sawzeeyy) |
Bug Bounty | 2019-07-29 | 2023-06-13 |
| 4007 | 1st Bounty Story | Rewarded 300$ (IDOR) |
IDOR |
NA |
Md Hridoy |
Bug Bounty | 2019-07-29 | 2023-06-13 |
| 4005 | Paypal bug $10K - All Secondary users account takeover leads to unauthorized money transfer from paypal business accounts |
IDOR |
Paypal |
Mohd haji (@mohdhaji24) |
Bug Bounty | 2019-07-30 | 2023-06-13 |
| 3982 | Read other user support tickets in https://support..com (Write Up) |
IDOR |
NA |
Evan Ricafort (@evanricafort) |
Bug Bounty | 2019-08-09 | 2023-06-13 |
| 3933 | Accessing 2 million Verizon Pay Monthly contracts |
Information disclosure
Authentication bypass
IDOR |
Yahoo! / Verizon Media |
Daley Bee (@daley) |
Bug Bounty | 2019-09-09 | 2023-06-13 |
| 3908 | A Simple bypass of Registration Activation that Lead to many Bug - |
Information disclosure
IDOR
CSRF |
NA |
YoKo Kho (@YokoAcc) |
Bug Bounty | 2019-09-21 | 2023-06-13 |
| 3898 | Stories Of IDOR |
IDOR |
NA |
Shivbihari Pandey (@ninja_pandit_) |
Bug Bounty | 2019-09-28 | 2023-06-13 |
| 3895 | One Way to Find Hidden IDOR Vulnerability |
IDOR |
NA |
Vulkey_Chen (@Vulkey_Chen) |
Bug Bounty | 2019-10-01 | 2023-06-13 |
| 3888 | From Multiple IDORs leading to Code Execution on a different Host Container |
IDOR
RCE |
NA |
Rahul (@Rahul_R95) |
Bug Bounty | 2019-10-04 | 2023-06-13 |
| 3835 | Chains on Chains!! Chaining several IDOR’s into Account Takeover(PART ONE) |
IDOR |
NA |
Daniel Marte (@DanielM59720745) |
Bug Bounty | 2019-11-15 | 2023-06-13 |
| 3833 | [Writeup][Bug Bounty][Tokopedia] Manipulation of Likes in Product Reviews [EN] |
IDOR |
Tokopedia |
Muhammad Thomas Fadhila Yahya (@fadhilthomas) |
Bug Bounty | 2019-11-15 | 2023-06-13 |
