Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
3808Getting access to disabled/hidden features with the help of Burpsuite Match and Replace settings Authorization flaw NA Johns Simon (@Johnssimon22) Bug Bounty2019-11-272023-06-13
3801Dank Writeup On Broken Access Control On An Indian Startup Unrestricted file upload Authorization flaw NA Divyanshu Shukla (@justm0rph3u5) Bug Bounty2019-11-302023-06-13
3780Authorization bug that every bug hunter missed on a popular program Authorization flaw NA Ajinkya Pathare (@fellchase) Bug Bounty2019-12-152023-06-13
3753Bypassing Brand Collabs Manager Eligibility on Facebook Authorization flaw Meta / Facebook Ajay Gautam (@evilboyajay) Bug Bounty2019-12-262023-06-13
3720Adding a malicious notebook to be treated like a trusted notebook in Google Colab — 1337$ Authorization flaw Logic flaw Google Raushan Raj (@raushan_rajj) Bug Bounty2020-01-172023-06-13
3719How I accidentally found Bug in Google Search Console Logic flaw Authorization flaw Google Tomi (@noobe_io) Bug Bounty2020-01-182023-06-13
3714User Account Takeover via Signup Feature | Bug Bounty POC Account takeover Logic flaw Authorization flaw NA Muzammil Kayani (@muzammilabbas2) Bug Bounty2020-01-222023-06-13
3692Tumblr Bug Bounty ( $200) Unrestricted file upload XSS Authorization flaw Automattic Myo Min Thu (@myominthu1337) Bug Bounty2020-02-022023-06-13
3684Hijacking shared report links in Google Data Studio Authorization flaw Google sushiwushi (@sushiwushi2) Bug Bounty2020-02-052023-06-13
3654Hunting Tesla Model Y Secrets in the Parts Catalog Authorization flaw Tesla Evan Connelly (@Evan_Connelly) Bug Bounty2020-02-222023-06-13
3640Page Admin Disclosure via an Upgraded Page Post Authorization flaw Information disclosure Meta / Facebook Dan Fabro (@0x61_) Bug Bounty2020-02-282023-06-13
3639Account Hijack using Authorization bypass $$$$ Account takeover Authorization flaw NA Bhavesh Thakur (@Bhavesh_Thakur_) Bug Bounty2020-02-282023-06-13
3634SQL Injection Via Stopping the redirection to a login page SQL injection Authorization flaw NA Abde Ouabala (@4mgh0z) Bug Bounty2020-03-032023-06-13
3575Restriction is not a promise : Privilege escalation on Google. Privilege escalation Authorization flaw Google Hariharan.s (@DJHARIZ1) Bug Bounty2020-03-302023-06-13
3541How was i able to find privilege escalation. IDOR Authorization flaw NA Akshar Tank (@Akshar__tank) Bug Bounty2020-04-182023-06-13
3531Hiding ourself in close friend’s list and avoiding victim to remove us from his close friend’s list. Authorization flaw Logic flaw Meta / Facebook Baibhav Anand (@SpongeBhav) Bug Bounty2020-04-232023-06-13
3530Messenger Rooms Bug Bounty Write-up Privilege escalation Authorization flaw Meta / Facebook Jane Manchun Wong (@wongmjane) Bug Bounty2020-04-242023-06-13
3511Ok Google! bypass flag_secure’ Authorization flaw Google Pankaj Upadhyay (@_pupadhyay) Bug Bounty2020-05-012023-06-13
3506Private Dashboards were accessible by other Admins in Analytics Dashboard Authorization flaw Meta / Facebook Rohit kumar (@rohitcoder) Bug Bounty2020-05-022023-06-13
3499A tale of verbose error message and a JWT token Information disclosure Authorization flaw NA Marek Geleta (@marek_geleta) Bug Bounty2020-05-052023-06-13
3466Easy bounties with subdomain discovery - Using Project Sonar for bug bounty Broken access control Authorization flaw Bpost Torben Capiau (@TorbenCapiau) Bug Bounty2020-05-202023-06-13
3465Become member of close & public group Authorization flaw Logic flaw Meta / Facebook abdellah yaala (@yaalaab) Bug Bounty2020-05-202023-06-13
3463Bypassing Message Request inbox Authorization flaw Logic flaw Meta / Facebook abdellah yaala (@yaalaab) Bug Bounty2020-05-212023-06-13
3332Case Study I - Browser Anomaly with Facebook Apps -1500$ Authorization flaw Meta / Facebook easySIEM (@easySIEM) Bug Bounty2020-07-052023-06-13
3320Global grant uri in Android 8.0-9.0 (2018 year) Authorization flaw Google Dzmitry Lukyanenka (@vulnano) Bug Bounty2020-07-092023-06-13