| 3792 | Media deletion CSRF vulnerability on Instagram |
CSRF |
Meta / Facebook |
Pouya Darabi (@Pouyadarabi) |
Bug Bounty | 2019-12-09 | 2023-06-13 |
| 3791 | Authentication Bypass |
MFA bypass |
NA |
Rushiikesh (@u1tran00b) |
Bug Bounty | 2019-12-09 | 2023-06-13 |
| 3789 | AirDoS: Remotely render any nearby iPhone or iPad unusable |
DoS |
Apple |
Kishan Bagaria (@KishanBagaria) |
Bug Bounty | 2019-12-10 | 2023-06-13 |
| 3788 | Blind XSS (A mind game to win the battle) |
Blind XSS |
NA |
Dirtycoder (@dirtycoder0124) |
Bug Bounty | 2019-12-11 | 2023-06-13 |
| 3787 | SSRF via FFmpeg HLS processing |
SSRF |
NA |
Pflash Punk (@PflashPunk) |
Bug Bounty | 2019-12-11 | 2023-06-13 |
| 3786 | A $25 Easy Bug. |
Session management issue |
NA |
Navneet (@na5n33t) |
Bug Bounty | 2019-12-12 | 2023-06-13 |
| 3785 | $500 getClass |
Sandbox bypass |
Google |
Ezequiel Pereira (@epereiralopez) |
Bug Bounty | 2019-12-12 | 2023-06-13 |
| 3784 | Multiple Host Header Attacks after bypassing protection with… a Header Attack |
Host header injection |
NA |
vict0ni (@vict0ni) |
Bug Bounty | 2019-12-12 | 2023-06-13 |
| 3783 | Facebook New Account Verification Bypass |
Authentication bypass |
Meta / Facebook |
Santosh Baral (@santoshbrl5) |
Bug Bounty | 2019-12-13 | 2023-06-13 |
| 3782 | How I was able to find a logical bug on Instagram? |
Logic flaw |
Meta / Facebook |
Jabir Khan (@Jabirkhan0x0) |
Bug Bounty | 2019-12-13 | 2023-06-13 |
| 3781 | Vimeo upload function SSRF |
SSRF |
NA |
Sayed Abdelhafiz (@dPhoeniixx) |
Bug Bounty | 2019-12-15 | 2023-06-13 |
| 3780 | Authorization bug that every bug hunter missed on a popular program |
Authorization flaw |
NA |
Ajinkya Pathare (@fellchase) |
Bug Bounty | 2019-12-15 | 2023-06-13 |
| 3779 | 4 Google Cloud Shell bugs explained |
RCE |
Google |
wtm@offensi.com (@wtm_offensi) |
Bug Bounty | 2019-12-16 | 2023-06-13 |
| 3778 | How I Took Over 2 Subdomains with Azure CDN Profiles |
Subdomain takeover |
NA |
m0chan (@m0chan98) |
Bug Bounty | 2019-12-16 | 2023-06-13 |
| 3777 | Stored Iframe Injection + CSRF = Account Takeover 😎😎 |
HTML injection
CSRF |
NA |
Rounak Dhadiwal (@XploiteR_D) |
Bug Bounty | 2019-12-16 | 2023-06-13 |
| 3776 | Inf0rM@tion Disclosure via IDOR |
IDOR |
NA |
Pratyush Anjan Sarangi |
Bug Bounty | 2019-12-16 | 2023-06-13 |
| 3775 | BreakingApp – WhatsApp Crash & Data Loss Bug |
DoS |
Meta / Facebook |
Dikla Barda |
Bug Bounty | 2019-12-17 | 2023-06-13 |
| 3774 | Abusing feature to steal your tokens |
OAuth |
NA |
Harsh Jaiswal (@rootxharsh) |
Bug Bounty | 2019-12-17 | 2023-06-13 |
| 3773 | Javascript Anti Debugging - Abusing SourceMappingURL |
Browser hacking |
Google (Chromium) |
Gal Weizman (@WeizmanGal) |
Bug Bounty | 2019-12-17 | 2023-06-13 |
| 3772 | [Google VRP] SSRF in Google Cloud Platform StackDriver |
SSRF |
Google |
Ron Chan (@ngalongc) |
Bug Bounty | 2019-12-19 | 2023-06-13 |
| 3771 | #BugBounty — How Snapdeal (India’s Popular E-commerce Website) Kept their Users Data at Risk! |
Insecure storage of sensitive information |
Snapdeal |
Nanda Kumar (@nk00_nk) |
Bug Bounty | 2019-12-19 | 2023-06-13 |
| 3770 | Account Takeover Through Password Reset Poisoning |
Password reset
Account takeover |
NA |
Vishal Bharad |
Bug Bounty | 2019-12-19 | 2023-06-13 |
| 3769 | Bypassing Captcha ! |
Captcha bypass |
NA |
Abhishek Yadav (@abhishake100) |
Bug Bounty | 2019-12-20 | 2023-06-13 |
| 3768 | Full Account Takeover (Android Application) |
Information disclosure
Account takeover |
NA |
Vishal Bharad |
Bug Bounty | 2019-12-21 | 2023-06-13 |
| 3767 | 2 FA Bypass via CSRF Attack |
MFA bypass
CSRF |
Mail.ru |
Vishal Bharad |
Bug Bounty | 2019-12-23 | 2023-06-13 |
