Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3811 | CORS Misconfiguration to Account TakeOver [Out of scope to grab items In-Scope] | CORS misconfiguration, Open redirect, Reflected XSS, Session management issue | NA | Mashoud1122 (@mashoud1122) | Bug Bounty | 2019-11-24 | 2023-06-13 |
| 3806 | Reflected XSS in graph.facebook.com leads to account takeover in IE/Edge | Reflected XSS, Account takeover | Meta / Facebook | Youssef Sammouda (@samm0uda) | Bug Bounty | 2019-11-27 | 2023-06-13 |
| 3777 | Stored Iframe Injection + CSRF = Account Takeover 😎😎 | HTML injection, CSRF | NA | Rounak Dhadiwal (@XploiteR_D) | Bug Bounty | 2019-12-16 | 2023-06-13 |
| 3770 | Account Takeover Through Password Reset Poisoning | Password reset, Account takeover | NA | Vishal Bharad | Bug Bounty | 2019-12-19 | 2023-06-13 |
| 3768 | Full Account Takeover (Android Application) | Information disclosure, Account takeover | NA | Vishal Bharad | Bug Bounty | 2019-12-21 | 2023-06-13 |
| 3764 | CSRF Token Bypasss — A Tale of my $2k bug | CSRF, Account takeover | NA | Adeyefa Oluwatoba (@adeyefa_codes) | Bug Bounty | 2019-12-23 | 2023-06-13 |
| 3738 | Account takeover via HTTP Request Smuggling | HTTP request smuggling, Account takeover, Open redirect, Internal header disclosure | NA | hipotermia (@_hipotermia_) | Bug Bounty | 2020-01-03 | 2023-06-13 |
| 3723 | How I discovered an interesting account takeover flaw? | Account takeover, Password reset, Lack of rate limiting | NA | Akash Methani (@0xAkash) | Bug Bounty | 2020-01-14 | 2023-06-13 |
| 3714 | User Account Takeover via Signup Feature \| Bug Bounty POC | Account takeover, Logic flaw, Authorization flaw | NA | Muzammil Kayani (@muzammilabbas2) | Bug Bounty | 2020-01-22 | 2023-06-13 |
| 3682 | Using CSRF I Got Weird Account Takeover | CSRF, Account takeover | NA | Mohamed Sayed (@FlEx0Geek) | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3669 | A Simple IDOR to Account Takeover | IDOR, Account takeover | NA | Swapnil Maurya (@swapmaurya20) | Bug Bounty | 2020-02-11 | 2023-06-13 |
| 3653 | Tale of Account Takeovers (Part-1) | Account takeover, HTTP parameter pollution, Password reset, OTP bypass | NA | Vijaysimha Reddy Bathini (@fatratfatrat) | Bug Bounty | 2020-02-22 | 2023-06-13 |
| 3648 | Mail.Ru Ext.B Scope Account Takeover [ $1500 ] | Account takeover, OAuth | Mail.ru | Myo Min Thu (@myominthu1337) | Bug Bounty | 2020-02-25 | 2023-06-13 |
| 3639 | Account Hijack using Authorization bypass $$$$ | Account takeover, Authorization flaw | NA | Bhavesh Thakur (@Bhavesh_Thakur_) | Bug Bounty | 2020-02-28 | 2023-06-13 |
| 3627 | Got *Bounty* with Account takeover (ATO ) Unicode-Case Mapping Collision ! | Account takeover | NA | Shaurya Sharma (@ShauryaSharma05) | Bug Bounty | 2020-03-05 | 2023-06-13 |
| 3615 | How I was able to bypass the current password? | Account takeover, CSRF | NA | Ninad Mathpati (@ninad_mathpati) | Bug Bounty | 2020-03-11 | 2023-06-13 |
| 3589 | Self XSS to Account Takeover | Account takeover, XSS, CSRF | NA | Ch3ckM4te | Bug Bounty | 2020-03-24 | 2023-06-13 |
| 3583 | Account Takeover Flow In Mail.ru s Ext.A Domain [ $150 ] | Logic flaw, Account takeover | NA | Myo Min Thu (@myominthu1337) | Bug Bounty | 2020-03-26 | 2023-06-13 |
| 3577 | OTP Bruteforce- Account Takeover | OTP bruteforce, Account takeover | NA | Ranjit Kumar | Bug Bounty | 2020-03-29 | 2023-06-13 |
| 3567 | Account Take Over without user Interaction | Password reset, Information disclosure, Account takeover | NA | Ravilla Bharath | Bug Bounty | 2020-04-02 | 2023-06-13 |
| 3559 | How a Simple CSRF Attack Turned into a P1 Level Bug | CSRF, Account takeover | NA | Lady Secspeare (@bejuveria_) | Bug Bounty | 2020-04-05 | 2023-06-13 |
| 3522 | Beware of the GIF: Account Takeover Vulnerability in Microsoft Teams | Account takeover, Subdomain takeover | Microsoft | Omer Tsarfati (@OmerTsarfati) | Bug Bounty | 2020-04-27 | 2023-06-13 |
| 3516 | Account taken over in style !!! | Logic flaw, CSRF, Account takeover | NA | kishore hariram (@kishorehariram) | Bug Bounty | 2020-04-30 | 2023-06-13 |
| 3483 | Weak Cryptography in Password Reset to Full Account Takeover | Account takeover, Password reset, Cryptographic issues | NA | Harsh Bothra (@harshbothra_) | Bug Bounty | 2020-05-15 | 2023-06-13 |
| 3481 | Password Reset Poisoning leading to Account Takeover | Password reset, Account takeover | NA | Swapnil Maurya (@swapmaurya20) | Bug Bounty | 2020-05-16 | 2023-06-13 |