Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4012Story about Facebook Oauth Account Takeover Account takeover OAuth iLOTTE Zerb0a Bug Bounty2019-07-262023-06-13
4011Solr Injection by abusing Local Parameters on Zomato.com Solr injection Zomato Ronak Patel (@ronak_9889) Bug Bounty2019-07-272023-06-13
4010Chaining Cache Poisoning To Stored XSS Web cache poisoning Stored XSS NA Rohan aggarwal (@nahoragg) Bug Bounty2019-07-282023-06-13
4009Old GitHub Profile Takeover! Github account takeover NA Mohamed Haron (@m7mdharon) Bug Bounty2019-07-282023-06-13
4008Story of an IDOR via Email IDOR NA Shuaib Oladigbolu (@_sawzeeyy) Bug Bounty2019-07-292023-06-13
40071st Bounty Story | Rewarded 300$ (IDOR) IDOR NA Md Hridoy Bug Bounty2019-07-292023-06-13
4006SQL Injection in private-site.com/login.php SQL injection NA Mohamed Haron (@m7mdharon) Bug Bounty2019-07-302023-06-13
4005Paypal bug $10K - All Secondary users account takeover leads to unauthorized money transfer from paypal business accounts IDOR Paypal Mohd haji (@mohdhaji24) Bug Bounty2019-07-302023-06-13
4004Reposted [2019]: Hacking YouTube for #fun and #profit Authorization flaw Google Alexandru Coltuneac (@dekeeu) Bug Bounty2019-07-302023-06-13
4003Reposted [2017]: LinkedIn Hacker’s Experience Stored XSS LinkedIn Alexandru Coltuneac (@dekeeu) Bug Bounty2019-07-302023-06-13
4002RCE in Ruby using Mustache Templates RCE NA Rhys Elsmore (@rhyselsmore) Bug Bounty2019-08-012023-06-13
4001Bypassing CORS CORS misconfiguration NA Saad Ahmed (@XSaadAhmedX) Bug Bounty2019-08-012023-06-13
3996One Misconfig (JIRA) to Leak Them All- Including NASA and Hundreds of Fortune 500 Companies! Information disclosure NA Avinash Jain (@logicbomb_1) Bug Bounty2019-08-022023-06-13
3995From Sub domain Takeover to Open-Redirect Subdomain takeover Open redirect NA Anil Tom (mr_4nk) Bug Bounty2019-08-022023-06-13
3994No Rate limiting eligible for bounty ? Lack of rate limiting NA Smaran Chand (@smaranchand) Bug Bounty2019-08-032023-06-13
3993How I Found XSS By Searching In Shodan Reflected XSS NA D1vy4n5hu 5hukl4 (@justm0rph3u5) Bug Bounty2019-08-042023-06-13
3992Leveraging AngularJS-based XSS to Privilege Escalation XSS Privilege escalation NA Shawar Khan (@ShawarkOFFICIAL) Bug Bounty2019-08-042023-06-13
3991Stored XSS on LaporBug.id Stored XSS LaporBug.id rizal (@sayadarijawa) Bug Bounty2019-08-052023-06-13
3990BugBounty WriteUp — Creative thinking is our everything (Race Condition + Business Logic Error) Race condition Logic flaw NA Oleksandr Opanasiuk (@Lekssik2) Bug Bounty2019-08-052023-06-13
3989Exploiting Out Of Band XXE using internal network and php wrappers XXE NA Mahmoud Gamal (@Zombiehelp54) Bug Bounty2019-08-062023-06-13
3988self XSS to stored XSS [ think out the box] Self-XSS Stored XSS TIBCO Abdelhak Kharroubi Bug Bounty2019-08-062023-06-13
3987CRLF injection allow => cookie injection in root domain & xss CRLF injection Bukalapak Abdelhak Kharroubi Bug Bounty2019-08-062023-06-13
3986break and bypass verification email Open redirect Email verification bypass Weak crypto Bukalapak Abdelhak Kharroubi Bug Bounty2019-08-072023-06-13
3985LAN-Based Blind SSRF Attack Primitive for Windows Systems (switcheroo) SSRF Microsoft initstring (@init_string) Bug Bounty2019-08-092023-06-13
3984Writing my Medium blog to complete account takeover Stored XSS Account takeover Medium Rotem Reiss (@rotem_reiss) Bug Bounty2019-08-092023-06-13