Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
2502403 Forbidden Bypass OTP bypass Exposed registration page XSS NA th3.d1p4k (@DipakPanchal05) Bug Bounty2021-06-042023-06-13
2501Executing CSRF With Phone Validation CSRF NA Greg Gibson Bug Bounty2021-06-042023-06-13
2500Pop-Ups in a good-world XSS Imgur Guilherme Keerok (@k33r0k) Bug Bounty2021-06-042023-06-13
2499Shopify Multipass Misconfiguration Authentication flaw Logic flaw NA Ahmed A. Sherif Bug Bounty2021-06-052023-06-13
2498How Github recon help me to find NINE FULL SSRF Vulnerability with AWS metadata access SSRF NA Santosh Kumar Sha (@killmongar1996) Bug Bounty2021-06-062023-06-13
2496Story of my first cash bounty on hackerone. SSRF XSS NA Vedant Tekale (@_justYnot) Bug Bounty2021-06-072023-06-13
2495Joomla Password Reset Vulnerability And A Stored XSS For Full Compromise Password reset Stored XSS Privilege escalation RCE Security code review NA Adrian Tiron (@Adrian__T) Bug Bounty2021-06-072023-06-13
2492Unexpected IDOR Vulnerability in [REDACTED] - [redacted].net (Write Up) IDOR NA Evan Ricafort (@evanricafort) Bug Bounty2021-06-102023-06-13
2491Second Order Race Condition Race condition NA Prasoon Gupta (@0xdekster) Bug Bounty2021-06-102023-06-13
2489Bypassing 2FA using OpenID Misconfiguration MFA bypass Authentication flaw NA Youstin (@iustinBB) Bug Bounty2021-06-112023-06-13
2488How I was able to bypass the admin panel without the credentials. Information disclosure NA Pratikkhalane (@KhalanePratik) Bug Bounty2021-06-122023-06-13
2487How I found the silliest logical vulnerability for $750 that no one found for 3 years Logic flaw NA Sina Kheirkhah (@SinSinology) Bug Bounty2021-06-122023-06-13
2486Story of Account Takeover : Using Social Login with Mass Assignment Vulnerability to hack accounts ! Mass assignment Account takeover NA Mohammad Kaif Bug Bounty2021-06-132023-06-13
2483An exciting journey to find SSRF , Bypass Cloudflare , and extract AWS metadata ! SSRF NA hosein vita (@HoseinVita) Bug Bounty2021-06-132023-06-13
2482Blind Command Injection - It hurts Command injection RCE NA Jerry Shah (@Jerry) Bug Bounty2021-06-142023-06-13
2480Exploiting outdated Apache Airflow instances Session management issue NA Ian Carroll (@iangcarroll) Bug Bounty2021-06-142023-06-13
2479Importance of burp history analysis to bypass 403 403 bypass NA Vuk Ivanovic Bug Bounty2021-06-152023-06-13
2478This is how I was able to see Private, Archived Posts/Stories of users on Instagram without following them IDOR GraphQL NA Mayur Fartade (@mayurfartade) Bug Bounty2021-06-152023-06-13
2477How We Are Able To Hack Any Company By Sending Message – $20,000 Bounty [CVE-2021–34506] Universal XSS Microsoft Shivam Kumar Singh (@MrRajputHacker) Bug Bounty2021-06-152023-06-13
2476Authentication Bypass | Easy P1 in 10 minutes Authentication bypass Forced browsing NA Anirudh Makkar (@anirudhmakkar) Bug Bounty2021-06-162023-06-13
2475One-click DOS via Response Manipulation Logic flaw NA Akhil Bug Bounty2021-06-162023-06-13
2473Part-1 Dive into Zoom Applications CSRF Payment bypass Logic flaw Account takeover Privilege escalation Zoom Rakesh Thodupunoori (@rakesh_3895) Bug Bounty2021-06-162023-06-13
2471Crashing your LinkedIn app with a connection request. Application-level DoS LinkedIn Renganathan (@IamRenganathan) Bug Bounty2021-06-172023-06-13
2469Certified Pre-Owned Active Directory Privilege Escalation ADCS Windows Microsoft Will Schroeder (@harmj0y) Bug Bounty2021-06-172023-06-13
2468How We Are Able To Hack Any Company By Sending Message - $20,000 Bounty [CVE-2021–34506] Universal XSS Microsoft Vansh Devgan (@Th3Pr0xyB0y) Bug Bounty2021-06-182023-06-13