| 3896 | Bug Hunting: Xss On Cookie Popup Warning |
Reflected XSS |
NA |
vict0ni (@vict0ni) |
Bug Bounty | 2019-09-30 | 2023-06-13 |
| 3895 | One Way to Find Hidden IDOR Vulnerability |
IDOR |
NA |
Vulkey_Chen (@Vulkey_Chen) |
Bug Bounty | 2019-10-01 | 2023-06-13 |
| 3894 | Stealing login credentials with Reflected XSS |
Reflected XSS |
NA |
mehulpanchal007 (@007_sharky) |
Bug Bounty | 2019-10-01 | 2023-06-13 |
| 3893 | How to get RCE on AEM instance without Java knowledge |
RCE |
NA |
byq (@ByQwert) |
Bug Bounty | 2019-10-01 | 2023-06-13 |
| 3892 | How a double-free bug in WhatsApp turns to RCE |
Memory corruption
RCE
Android |
Meta / Facebook |
Awakened |
Bug Bounty | 2019-10-02 | 2023-06-13 |
| 3891 | GraphQL Introspection leads to Sensitive Data Disclosure. |
Information disclosure |
NA |
Pranay Bafna |
Bug Bounty | 2019-10-02 | 2023-06-13 |
| 3890 | REST framework Admin Panel bypass and how I recon for this vulnerability |
Authentication bypass |
NA |
Aziz Hakim (@hackerb0y_) |
Bug Bounty | 2019-10-02 | 2023-06-13 |
| 3889 | How I made 1000$ with AT&T Bug Bounty(H1) |
CSRF
Account takeover |
AT&T |
Adesh Nandkishor kolte (@AdeshKolte) |
Bug Bounty | 2019-10-02 | 2023-06-13 |
| 3888 | From Multiple IDORs leading to Code Execution on a different Host Container |
IDOR
RCE |
NA |
Rahul (@Rahul_R95) |
Bug Bounty | 2019-10-04 | 2023-06-13 |
| 3887 | How “Recon” helped Samsung protect their production repositories of SamsungTv, eCommerce / eStores |
Information disclosure |
Samsung |
Prateek Tiwari |
Bug Bounty | 2019-10-05 | 2023-06-13 |
| 3886 | Vulnerability To Bypass Clickjacking Protection In Youtube |
Clickjacking |
Google |
spidersec (@SpiderSec) |
Bug Bounty | 2019-10-06 | 2023-06-13 |
| 3885 | EXIF Geolocation Data Not Stripped From Uploaded Images |
Information disclosure |
NA |
Sourav Newatia (@souravnewatia) |
Bug Bounty | 2019-10-09 | 2023-06-13 |
| 3884 | How i Hacked BASF Company !! |
Missing authentication |
BASF |
Murtada Kamil |
Bug Bounty | 2019-10-10 | 2023-06-13 |
| 3883 | Bypass Uppercase filters like a PRO (XSS Advanced Methods) |
XSS |
NA |
MasterSEC (@MasterSEC_AR) |
Bug Bounty | 2019-10-11 | 2023-06-13 |
| 3882 | Whitehat test accounts can act as Hidden Admin with Business manager / Ad Accounts. |
Authorization flaw |
Meta / Facebook |
Rohit kumar (@rohitcoder) |
Bug Bounty | 2019-10-12 | 2023-06-13 |
| 3881 | Finding SQL injections fast with white-box analysis — a recent bug example |
SQL injection |
Zoho |
Florian Hauser (@frycos) |
Bug Bounty | 2019-10-13 | 2023-06-13 |
| 3880 | An inconsistent CSRF |
CSRF |
NA |
Smaran Chand (@smaranchand) |
Bug Bounty | 2019-10-15 | 2023-06-13 |
| 3879 | How I bypassed 2 Factor Authentication |
MFA bypass |
NA |
Hemant Singh Manral |
Bug Bounty | 2019-10-15 | 2023-06-13 |
| 3878 | How I found RCE But Got Duplicated |
Unrestricted file upload
RCE |
NA |
Smile Hacker |
Bug Bounty | 2019-10-15 | 2023-06-13 |
| 3877 | How I was able to bypass OTP code requirement in Razer [The story of a critical bug] |
OTP bypass |
Razer |
Ananda Dhakal (@dhakal_ananda) |
Bug Bounty | 2019-10-16 | 2023-06-13 |
| 3875 | A Tale of Exploitation in Spreadsheet File Conversions |
Local file disclosure (LFD)
SSRF |
Slack |
Brett Buerhaus (@bbuerhaus) |
Bug Bounty | 2019-10-18 | 2023-06-13 |
| 3874 | Hunting for bounties antihack.me case study |
RCE
XSS
Logic flaw
Information disclosure |
AntiHack.me |
0xSha (@0xsha) |
Bug Bounty | 2019-10-20 | 2023-06-13 |
| 3872 | How PayPal helped me to generate XSS |
Reflected XSS |
Paypal |
Pflash Punk (@PflashPunk) |
Bug Bounty | 2019-10-20 | 2023-06-13 |
| 3871 | [ BUG BOUNTY ] Flaw in Authentication ( Hall of Fame Google ) |
Authentication flaw |
Google |
Danang Tri Atmaja (@danangtriatmj) |
Bug Bounty | 2019-10-21 | 2023-06-13 |
| 3870 | (POC) Disclose members in any closed Facebook group |
Information disclosure |
Meta / Facebook |
Ahmad Talahmeh |
Bug Bounty | 2019-10-22 | 2023-06-13 |
