Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
2856Analysing Crash Messages To Achieve Blind Root Command Injection OS command injection NA Shawar Khan (@ShawarkOFFICIAL) Bug Bounty2021-01-282023-06-13
2855Launching Internal & Non-Exported Deeplinks On Facebook CSRF Meta / Facebook Ashley King (@AshleyKingUK) Bug Bounty2021-01-282023-06-13
2854Destroying Armies and Villages through Cross-Site Scripting - Bug Bounty Write-up Stored XSS InnoGames Fábio Freitas (@0xfabiof) Bug Bounty2021-01-292023-06-13
2853Broken Access Control & Stored XSS - Easy Hunt Stored XSS IDOR NA Kabeer (@iTheKabeer) Bug Bounty2021-01-292023-06-13
2852How I chained P4 To P2 [Open Redirection To Full Account Takeover] Open redirect Account takeover NA Bishal Shrestha (@bishal0x01) Bug Bounty2021-01-302023-06-13
2851Android apk leaks access token to takeover the whole infrastructure Information disclosure Hardcoded credentials Android NA Santosh Kumar Sha (@killmongar1996) Bug Bounty2021-01-302023-06-13
2850An Interesting Account Takeover Vulnerability IDOR Account takeover NA Avanish Pathak (@avanish46) Bug Bounty2021-01-302023-06-13
2849An unexpected bug Bruteforce NA Nitin yadav (@Nitinydv14) Bug Bounty2021-01-312023-06-13
2848An Account Takeover Vulnerability Due to Response Manipulation. Authentication bypass Account takeover NA Avanish Pathak (@avanish46) Bug Bounty2021-01-312023-06-13
2842Stealing Chat session ID with CORS and execute CSRF attack CSRF CORS misconfiguration NA Sunil Yedla (@sunilyedla2) Bug Bounty2021-02-022023-06-13
2841CVE-2020-9759 - Getting root on webOS Local Privilege Escalation Browser hacking LG Andreas Lindh (@addelindh) Bug Bounty2021-02-032023-06-13
2840How I was able to Turn a XSS into a Account Takeover Web cache poisoning Stored XSS Account takeover OAuth Logic flaw NA Josh Fam (@Pullerze) Bug Bounty2021-02-032023-06-13
2838Open Redirect vulnerability found using link parameter Open redirect NA Muhammad Aamir (@Muhammad__Aamir) Bug Bounty2021-02-042023-06-13
2836Redwood Report2Web XSS and Frame injection Reflected XSS Frame injection NA vict0ni (@vict0ni) Bug Bounty2021-02-042023-06-13
2832Escalating SSRF to RCE SSRF RCE NA Sander Wind (@SanderWind) Bug Bounty2021-02-062023-06-13
2831How I Gain Access to the Server Administration of a Million-Dollar Company Privilege escalation Mass assignment NA Marx Chryz Del Mundo Bug Bounty2021-02-082023-06-13
2830Reflected XSS on a Public Program Reflected XSS NA Naveen J (@thevillagehackr) Bug Bounty2021-02-082023-06-13
2829Bigbasket Bug Bounty Writeup Insecure data storage Android NA Lohith Gowda M (@lohi_gowda_) Bug Bounty2021-02-082023-06-13
2828Duplicate Registration - The Twinning Twins Account takeover Authentication flaw NA Jerry Shah (@Jerry) Bug Bounty2021-02-082023-06-13
2827Abusing URI Parsers for fun and profit URL validation bypass NA Mohammad Owais (@_mohammadowais) Bug Bounty2021-02-082023-06-13
2825Self-XSS to rXSS via Uploaded File Name Self-XSS Reflected XSS NA P4nda (@InfoSecP4nda) Bug Bounty2021-02-092023-06-13
2821Fastest Subdomain Take Over & DNS Misconfiguration Hunt. Subdomain takeover DNS zone transfer NA Kabeer (@iTheKabeer) Bug Bounty2021-02-102023-06-13
2816How I was able to get extra coins Logic flaw Android NA Saddam Hussain (@wisdomfreak1) Bug Bounty2021-02-122023-06-13
2815[GITLAB] — Denial of service via “Login Panel” functionality. Application-level DoS GitLab Lyubomir Tsirkov (@lyubo_tsirkov) Bug Bounty2021-02-122023-06-13
2814OAuth Misconfiguration Leads to Full Account takeover OAuth Clickjacking CSRF Account takeover NA Yasser Mohammed (@boomneroli) Bug Bounty2021-02-132023-06-13