Write-ups

Check The Published Writeups

WDBTitleTagsProgramsAuthorsTypePublicationAdded
4947Accessing Localhost via Vhost vHost misconfiguration NA Muhammad Khizer Javed (@khizer_javed47) Bug Bounty2017-11-042023-06-13
4945Non-persistent XSS at Microsoft -Adesh Kolte Reflected XSS Microsoft Adesh Nandkishor kolte (@AdeshKolte) Bug Bounty2017-11-052023-06-13
4944Multiple Intel Vulnerabilities-Adesh Kolte Open redirect Directory listing Intel Adesh Nandkishor kolte (@AdeshKolte) Bug Bounty2017-11-052023-06-13
4943Get your Microsoft account hijacked by simply clicking connect button -Adesh Kolte Stored XSS Microsoft Adesh Nandkishor kolte (@AdeshKolte) Bug Bounty2017-11-062023-06-13
4942From SSRF to Local File Disclosure SSRF Local file disclosure (LFD) NA Tung Pun Bug Bounty2017-11-082023-06-13
4941Local File Read via XSS in Dynamically Generated PDF XSS LFI NA Rahul Maini (@iamnoooob) Bug Bounty2017-11-082023-06-13
4940How to delete all company progress by one "rm" command in AWS s3 Buckets AWS misconfiguration NA Valeriy Shevchenko (@Krevetk0Valeriy) Bug Bounty2017-11-092023-06-13
4938From Recon to DOM-Based XSS DOM XSS NA Abdelfattah Ibrahim Bug Bounty2017-11-112023-06-13
4937How I Pwned a company using IDOR & Blind XSS IDOR Blind XSS NA Osama Ansari (@AnsariOsama10) Bug Bounty2017-11-152023-06-13
4936How signing up for an account with an @company.com email can have unexpected results Logic flaw NA Zseano (@zseano) Bug Bounty2017-11-152023-06-13
4935Bypassing Crossdomain Policy and Hit Hundreds of Top Alexa Sites CSRF NA Ak1T4 (@akita_zen) Bug Bounty2017-11-162023-06-13
4933SQL in everywhere. SQL injection NA Utkarsh Agrawal (@agrawalsmart7) Bug Bounty2017-11-162023-06-13
4932JWT Refresh Token Manipulation JWT Authentication bypass Account takeover NA Mikail Tunç (@emtunc) Bug Bounty2017-11-162023-06-13
4931Transforming a Domain into the Matrix (an open redirect story) Open redirect NA Ak1T4 (@akita_zen) Bug Bounty2017-11-172023-06-13
4925Story of bypassing Referer Header to make open redirect Open redirect NA Mohammed Eldeeb (@malcolmx0x) Bug Bounty2017-11-222023-06-13
4920DEV XSS Protection bypass made my quickest bounty ever!! XSS NA Yeasir Arafat Bug Bounty2017-12-032023-06-13
4919Getting a RCE — CTF Way RCE NA Rojan Rijal (@uraniumhacker) Bug Bounty2017-12-052023-06-13
4912LFI to 10 servers pwn LFI RCE NA Nirmal Dahal (@TheNittam) Bug Bounty2017-12-192023-06-13
4910P4 to P2 - The story of one blind SSRF Blind SSRF NA Mikhail Klyuchnikov (@__Mn1__) Bug Bounty2017-12-192023-06-13
4908Microsoft SharePoint%27s %27Follow%27 Feature XSS (CVE-2017–8514) -Adesh Kolte XSS Microsoft Adesh Nandkishor kolte (@AdeshKolte) Bug Bounty2017-12-212023-06-13
4907Jumping to the hell with 10 attempts to bypass devil%27s WAF XSS NA Ak1T4 (@akita_zen) Bug Bounty2017-12-272023-06-13
4902Content Injection in DuoLingo’s TinyCards App for Android [CVE-2017-16905] Content injection DuoLingo Nightwatch Cybersecurity (@nightwatchcyber) Bug Bounty2018-01-042023-06-13
4901"F**k you Thomas" - ToyTalk bug bounty writeup Authentication bypass HTML injection ToyTalk Jahmel Harris Bug Bounty2018-01-042023-06-13
4900Hunting Insecure Direct Object Reference Vulnerabilities for Fun and Profit (PART-1) IDOR NA Mohammed Abdul Raheem (@mohdaltaf163) Bug Bounty2018-01-042023-06-13
4898#BugBounty — How I was able to read chat of users in an Online travel portal IDOR NA Avinash Jain (@logicbomb_1) Bug Bounty2018-01-102023-06-13