| 2987 | $10000 Facebook SSRF (Bug Bounty) |
SSRF |
Meta / Facebook |
Amine Aboud (@amineaboud) |
Bug Bounty | 2020-12-03 | 2023-06-13 |
| 2900 | Story of a really cool SSRF bug. |
SSRF |
NA |
Vedant Tekale (@_justYnot) |
Bug Bounty | 2021-01-13 | 2023-06-13 |
| 2880 | SSRF Exploitation in Libreoffice Spreadsheet File Converter |
SSRF |
NA |
R4id3n (@R4id3n__) |
Bug Bounty | 2021-01-21 | 2023-06-13 |
| 2879 | Story Behind Sweet SSRF. |
SSRF
XSS |
NA |
Rohit Soni (@streetofhacker) |
Bug Bounty | 2021-01-21 | 2023-06-13 |
| 2865 | Finding SSRF BY Full Automation |
SSRF |
NA |
Santosh Kumar Sha (@killmongar1996) |
Bug Bounty | 2021-01-27 | 2023-06-13 |
| 2862 | Bragging Rights(Part 1): Short story of a bug wave |
IDOR
Stored XSS
SSRF
Subdomain takeover
Hardcoded credentials |
NA |
Manas Harsh (@ManasH4rsh) |
Bug Bounty | 2021-01-27 | 2023-06-13 |
| 2832 | Escalating SSRF to RCE |
SSRF
RCE |
NA |
Sander Wind (@SanderWind) |
Bug Bounty | 2021-02-06 | 2023-06-13 |
| 2813 | [GITLAB] — Just another SSRF issue. |
SSRF |
GitLab |
Lyubomir Tsirkov (@lyubo_tsirkov) |
Bug Bounty | 2021-02-13 | 2023-06-13 |
| 2812 | [GITLAB] — Server Side Request Forgery in “Project Import” page. |
SSRF |
GitLab |
Lyubomir Tsirkov (@lyubo_tsirkov) |
Bug Bounty | 2021-02-13 | 2023-06-13 |
| 2765 | SSRF: Bypassing hostname restrictions with fuzzing |
SSRF |
Elastic |
Dominic (@dee__see) |
Bug Bounty | 2021-02-26 | 2023-06-13 |
| 2763 | CVE-2020–13956 |
Blind SSRF
URL parsing issue |
Apache HttpClient |
Priyank (@Rev_Octo) |
Bug Bounty | 2021-02-26 | 2023-06-13 |
| 2752 | SSRF to fetch AWS credentials with full access to multiple services |
SSRF |
NA |
Zonduhackerone (@zonduu1) |
Bug Bounty | 2021-02-28 | 2023-06-13 |
| 2736 | Exploiting a hidden and forgotten Bug |
SSRF |
NA |
Aditya Verma (@0cirius0) |
Bug Bounty | 2021-03-07 | 2023-06-13 |
| 2730 | Write Up – Google VRP N/A: SSRF Bypass With Quadzero In Google Cloud Monitoring |
SSRF |
Google |
Omar Espino (@omespino) |
Bug Bounty | 2021-03-08 | 2023-06-13 |
| 2713 | An unknown Linux secret that turned SSRF to OS Command injection |
SSRF
Command injection |
NA |
secureITmania (@secureitmania) |
Bug Bounty | 2021-03-17 | 2023-06-13 |
| 2707 | How I hacked Facebook: Part Two |
SSRF
Account takeover
Cookie manipulation |
Meta / Facebook |
Alaa Abdulridha (@alaa0x2) |
Bug Bounty | 2021-03-18 | 2023-06-13 |
| 2656 | Chaining an Blind SSRF bug to Get an RCE |
Blind SSRF
RCE |
NA |
Santosh Kumar Sha (@killmongar1996) |
Bug Bounty | 2021-04-07 | 2023-06-13 |
| 2652 | Cookie poisoning leads to DoS and Privacy Violation |
DoS
SSRF |
CS Money |
Benjamin Walter |
Bug Bounty | 2021-04-09 | 2023-06-13 |
| 2627 | Blind SSRF to Port Scanning through response time |
SSRF |
NA |
Harish |
Bug Bounty | 2021-04-19 | 2023-06-13 |
| 2612 | AWS internal metadata accessed through SSRF by Chaining an Open Redirect bug |
SSRF
Open redirect |
NA |
Santosh Kumar Sha (@killmongar1996) |
Bug Bounty | 2021-04-24 | 2023-06-13 |
| 2597 | A tale of Html to Pdf converter ssrf and various bypasses |
SSRF |
NA |
Jatin Aesthetic (@techyfreakk) |
Bug Bounty | 2021-04-29 | 2023-06-13 |
| 2590 | How I got $400 for my first SSRF bug? |
SSRF |
NA |
Usama Varikkottil (@usama_dev) |
Bug Bounty | 2021-05-01 | 2023-06-13 |
| 2588 | SSRF Through PDF Generation |
SSRF |
NA |
Joshua Martinelle (@J0_mart) |
Bug Bounty | 2021-05-01 | 2023-06-13 |
| 2548 | Just Gopher It: Escalating a Blind SSRF to RCE for $15k |
SSRF
RCE |
NA |
SirLeeroyJenkins (@SirLeeroyJenkin) |
Bug Bounty | 2021-05-17 | 2023-06-13 |
| 2542 | SSRF in PDF Renderer using SVG |
SSRF |
NA |
pwn.vg / Tomi (@mastomii) |
Bug Bounty | 2021-05-19 | 2023-06-13 |
