Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 2612 | AWS internal metadata accessed through SSRF by Chaining an Open Redirect bug | SSRF, Open redirect | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2021-04-24 | 2023-06-13 |
| 2610 | From Wayback Machine To Account Takeover | Account takeover, Password reset, Open redirect | NA | Demon (@R29k_) | Bug Bounty | 2021-04-25 | 2023-06-13 |
| 2607 | From Wayback Machine To Account Takeover | Open redirect, Account takeover | NA | Demon (@R29k_) | Bug Bounty | 2021-04-25 | 2023-06-13 |
| 2592 | Facebook account takeover due to unsafe redirects after the OAuth flow | OAuth, Open redirect, Account takeover | Meta / Facebook | Youssef Sammouda (@samm0uda) | Bug Bounty | 2021-04-30 | 2023-06-13 |
| 2578 | XSS Through Parameter Pollution | Open redirect, XSS, HTTP parameter pollution | NA | Saajan Bhujel (@saajanbhujel11) | Bug Bounty | 2021-05-05 | 2023-06-13 |
| 2508 | Exploiting Open Redirect - Whitelist Bypass Using Salesforce Environment | Open redirect, Token theft, Salesforce | NA | Gaurav Nayak (@4auvar) | Bug Bounty | 2021-06-02 | 2023-06-13 |
| 2399 | Hacking Xiaomi's Android Apps - Part 1 | Android, Information disclosure, Open redirect, Privacy issue | Xiaomi | Ameya (@iamTakeMyHand) | Bug Bounty | 2021-07-19 | 2023-06-13 |
| 2373 | Chaining Open Redirect with XSS to Account Takeover | Open redirect, XSS, Account takeover | NA | Radian ID | Bug Bounty | 2021-07-29 | 2023-06-13 |
| 2372 | How I could have hacked your medium account by phishing your FB, Twitter & Google credentials. | Open redirect, OAuth | Medium | Renganathan (@IamRenganathan) | Bug Bounty | 2021-07-29 | 2023-06-13 |
| 2347 | How I found Open Redirect on Hashnode.com | Open redirect | Hashnode | Jefferson Gonzales (@gonzxph) | Bug Bounty | 2021-08-05 | 2023-06-13 |
| 2323 | 1st Bug Bounty WriteUp: Open Redirect To XSS on Login Page | Open redirect, XSS | NA | Nassim Chami (@nvccim) | Bug Bounty | 2021-08-15 | 2023-06-13 |
| 2250 | Eye for an eye: Unusual single click JWT token takeover | Open redirect, JWT, Account takeover | JetBrains | Yurii Sanin (@SaninYurii) | Bug Bounty | 2021-09-05 | 2023-06-13 |
| 2158 | How I got $500 with Open redirect | Open redirect | NA | khan mamun (@mamunwhh) | Bug Bounty | 2021-10-10 | 2023-06-13 |
| 2097 | SONY Hunting I: Discovering Hidden Parameters (5x SWAG) | Open redirect | Sony | can1337 (@canmustdie) | Bug Bounty | 2021-11-07 | 2023-06-13 |
| 2061 | Open Redirect Vulnerability On Zapier: An Accidental Find | Open redirect | Zapier | Monish Basaniwal | Bug Bounty | 2021-11-21 | 2023-06-13 |
| 2003 | Open Redirection - QR Code Magic | Open redirect | NA | Jerry Shah (@Jerry) | Bug Bounty | 2021-12-11 | 2023-06-13 |
| 1955 | Bug Hunting Journey of 2021 | Stored XSS, Open redirect, Token leak, CSRF, Logic flaw, Information disclosure, IDOR, Account takeover | NA | Sudhanshu Rajbhar (@sudhanshur705) | Bug Bounty | 2021-12-31 | 2023-06-13 |
| 1857 | A technique to semi-automatically find vulnerabilities in WordPress plugins | XSS, SQL injection, Open redirect, CSRF | NA | kazet (@kazet1234) | Bug Bounty | 2022-02-03 | 2023-06-13 |
| 1843 | What I Found on Sony Vulnerability Disclosure Program | Information disclosure, Lack of rate limiting, Open redirect, IDOR, XSS | Sony | Aditya Singh / rook1337 (@imrook1337) | Bug Bounty | 2022-02-07 | 2023-06-13 |
| 1742 | A Tale of Open Redirection to Stored XSS | Stored XSS, Open redirect | NA | Tushar Sharma (@tusharSharma_0) | Bug Bounty | 2022-03-12 | 2023-06-13 |
| 1741 | Open Redirect via Sendgrid Email Misconfiguration | Open redirect | NA | Rifqi Hilmy Zhafrant | Bug Bounty | 2022-03-13 | 2023-06-13 |
| 1739 | Party time: Injecting code into Teleparty extension | HTML injection, Open redirect, Browser extension hacking | Teleparty | Wladimir Palant (@WPalant) | Bug Bounty | 2022-03-14 | 2023-06-13 |
| 1676 | Small bugs are more dangerous than you think | Self-XSS, Stored XSS, Open redirect, CSRF | NA | Liv Matan (@terminatorLM) | Bug Bounty | 2022-04-01 | 2023-06-13 |
| 1615 | Full Account Takeover via Open Redirection | Open redirect, Token leak, Account takeover, OAuth | NA | vFlexo (@vflexo) | Bug Bounty | 2022-04-17 | 2023-06-13 |
| 1611 | Adobe Acrobat hollowing out same-origin policy | XSS, SOP bypass, Open redirect, postMessage | Adobe | Wladimir Palant (@WPalant) | Bug Bounty | 2022-04-19 | 2023-06-13 |