Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
1846Auth Bypass in Google Assistant Information disclosure Authentication bypass Google David Schütz (@xdavidhu) Bug Bounty2022-02-062023-06-13
1789Write Up – Android Application Screen Lock Bypass Via ADB Brute Forcing Android Bruteforce Authentication bypass NA Omar Espino (@omespino) Bug Bounty2022-02-222023-06-13
1781Catching bugs in VMware: Carbon Black Cloud Workload Appliance and vRealize Operations Manager Authentication bypass RCE SSRF Path traversal VMware Egor Dimitrenko (@elk0kc) Bug Bounty2022-02-252023-06-13
1774Password Reset to Admin Access Account takeover Authentication bypass Password reset NA Jesse Clark (@Hogarth45_) Bug Bounty2022-03-012023-06-13
1763WhatsApp Bug Bounty: Bypassing biometric authentication using voip Authentication bypass Meta / Facebook Arvind (@ar_arv1nd) Bug Bounty2022-03-052023-06-13
1754SSD Advisory – NETGEAR DGND3700v2 PreAuth Root Access Authentication bypass OS command injection RCE Netgear - Bug Bounty2022-03-092023-06-13
1712Bug Bounty catches part -1 Authentication bypass Information disclosure Broken Access Control NA Bijan Murmu (@0xBijan) Bug Bounty2022-03-202023-06-13
1704Authentication bypass using root array Authentication bypass Information disclosure NA Eslam Akl (@eslam3kll) Bug Bounty2022-03-222023-06-13
1698Finding bugs to trigger Unauthenticated Command Injection in a NETGEAR router (PSV-2022–0044) XSS Arbitrary file read Authentication bypass OS command injection RCE Netgear stypr (@stereotype32) Bug Bounty2022-03-252023-06-13
1591Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL Cross-tenant vulnerability Privilege escalation Authentication bypass Cloud Microsoft Shir Tamari (@shirtamari) Bug Bounty2022-04-282023-06-13
1574CVE-2022-0540 - Authentication bypass in Seraph Authentication bypass NA Khoa Dinh (@_l0gg) Bug Bounty2022-05-062023-06-13
1511External Authentication bypass in ingress-nginx Path traversal Authentication bypass Kubernetes Niemiec Marcin (@xvnpw) Bug Bounty2022-05-292023-06-13
1485CVE-2022-1040 Sophos XG Firewall Authentication bypass Authentication bypass RCE Sophos Nguyễn Đình Biển (@biennd279) Bug Bounty2022-06-092023-06-13
1483My first CVE-2022–31289 Authentication bypass 403 bypass HTTP response manipulation Sonatype Praveen Mali (@pmmali_) Bug Bounty2022-06-112023-06-13
1437Lock Screen Bypass Exploit of Android Devices (CVE-2022–20006) Authentication bypass Lock screen bypass Google Joshua Nearchos Bug Bounty2022-06-232023-06-13
1416Pwning ManageEngine — From PoC to Exploit: A deep dive into CVE-2020–11531 and CVE-2020–11532 Path traversal RCE Authentication bypass Zoho Erik Wynter (@WynterErik) Bug Bounty2022-06-282023-06-13
1405Admin account takeover via weird Password Reset Functionality Account takeover Authentication bypass Password reset NA Mahmoud Youssef (@0xmahmoudjo0) Bug Bounty2022-07-022023-06-13
1390Account Takeover via Response Manipulation Authentication bypass Account takeover MFA bypass HTTP response manipulation NA BUG HUNTER Bug Bounty2022-07-082023-06-13
1338Riding The Inforail To Exploit Ivanti Avalanche RCE Insecure deserialization Race condition Authentication bypass Ivanti Piotr Bazydło (@chudyPB) Bug Bounty2022-07-192023-06-13
1331Pwn2Own Miami 2022: Inductive Automation Remote Code Execution RCE Authentication bypass Inductive Automation Ignition Sector 7 (@sector7_nl) Bug Bounty2022-07-222023-06-13
1319With Management Comes Risk: Finding Flaws in FileWave MDM Authentication bypass Hardcoded credentials Information disclosure Filewave Claroty%27s Team82 (@Claroty) Bug Bounty2022-07-252023-06-13
1311Advisory | Roxy-WI Unauthenticated Remote Code Executions CVE-2022-31137 RCE Authentication bypass Roxy-WI Nuri Çilengir (@ncilengir) Bug Bounty2022-07-262023-06-13
1265Dancing on the architecture of VMware Workspace ONE Access (ENG) Authentication bypass SQL injection RCE VMware Petrus Viet (@VietPetrus) Bug Bounty2022-08-092023-06-13
1264From Shared Dash to Root Bash :: Pre-Authenticated RCE in VMWare vRealize Operations Manager Authentication bypass Information disclosure Local Privilege Escalation VMware Steven Seeley (@steventseeley) Bug Bounty2022-08-092023-06-13
1245IAM Whoever I Say IAM :: Infiltrating VMWare Workspace ONE Access Using a 0-Click Exploit Authentication bypass Information disclosure CSRF RCE Local Privilege Escalation VMware Steven Seeley (@steventseeley) Bug Bounty2022-08-112023-06-13