| 3766 | From broken link to subfolder takeover on Bukalapak |
AWS misconfiguration |
Bukalapak |
wis4nggeni |
Bug Bounty | 2019-12-23 | 2023-06-13 |
| 3765 | reCAPTCHA Exploits |
Captcha bypass |
Google |
Dr. Neal Krawetz (@hackerfactor) |
Bug Bounty | 2019-12-23 | 2023-06-13 |
| 3764 | CSRF Token Bypasss — A Tale of my $2k bug |
CSRF
Account takeover |
NA |
Adeyefa Oluwatoba (@adeyefa_codes) |
Bug Bounty | 2019-12-23 | 2023-06-13 |
| 3763 | GraphQL IDOR leads to information disclosure |
IDOR |
NA |
Eshan Singh (@R0X4R) |
Bug Bounty | 2019-12-24 | 2023-06-13 |
| 3762 | Bugbounty | A DOM XSS |
DOM XSS |
NA |
Jinone (@jinonehk) |
Bug Bounty | 2019-12-24 | 2023-06-13 |
| 3761 | Airbnb : Steal Earning of Airbnb hosts by Adding Bank Account/Payment Method (IDOR) |
IDOR |
Airbnb |
Vijay Kumar (@IndoAppSec) |
Bug Bounty | 2019-12-24 | 2023-06-13 |
| 3760 | How we hacked one of the worlds largest Cryptocurrency Website |
SQL injection
RCE |
NA |
Strynx (@Strynx_Security) |
Bug Bounty | 2019-12-24 | 2023-06-13 |
| 3759 | Abusing ImageMagick to obtain RCE |
ImageTragick
RCE |
NA |
Strynx (@Strynx_Security) |
Bug Bounty | 2019-12-24 | 2023-06-13 |
| 3758 | SOP Bypass via browser-cache |
SOP bypass |
Keybase |
Aaron Costello (@ConspiracyProof) |
Bug Bounty | 2019-12-24 | 2023-06-13 |
| 3757 | Microsoft Edge (Chromium) - EoP via XSS to Potential RCE |
XSS
RCE |
Microsoft |
Abdulrahman Alqabandi (@Qab) |
Bug Bounty | 2019-12-24 | 2023-06-13 |
| 3756 | BugBounty | A Dom Xss |
DOM XSS |
NA |
Jinone (@jinonehk) |
Bug Bounty | 2019-12-24 | 2023-06-13 |
| 3755 | XSS Is Love <3 ! |
XSS |
NA |
Nirmal Dahal (@TheNittam) |
Bug Bounty | 2019-12-26 | 2023-06-13 |
| 3754 | Subdomain takeover via pantheon |
Subdomain takeover |
NA |
Smaran Chand (@smaranchand) |
Bug Bounty | 2019-12-26 | 2023-06-13 |
| 3753 | Bypassing Brand Collabs Manager Eligibility on Facebook |
Authorization flaw |
Meta / Facebook |
Ajay Gautam (@evilboyajay) |
Bug Bounty | 2019-12-26 | 2023-06-13 |
| 3752 | Effortlessly finding Cross Site Script Inclusion (XSSI) & JSONP for bug bounty |
XSSI |
NA |
Omkar Bhagwat (@th3_hidd3n_mist) |
Bug Bounty | 2019-12-27 | 2023-06-13 |
| 3751 | Drop the mic?! no! Drop the connection ;) |
DOM XSS |
Google |
Sasi Levi (@sasi2103) |
Bug Bounty | 2019-12-29 | 2023-06-13 |
| 3750 | How I made $7500 from My First Bug Bounty Found on Google Cloud Platform |
Logic flaw |
Google |
James Grunewald |
Bug Bounty | 2019-12-29 | 2023-06-13 |
| 3749 | Facebook Bug bounty Story: $X000 for an Information Disclosure Bug |
Information disclosure |
Meta / Facebook |
Circle Ninja (@circleninja) |
Bug Bounty | 2019-12-29 | 2023-06-13 |
| 3748 | How did I earn $3133.70 from Google Translator? |
XSS |
Google |
Beri Bey (@uppmen) |
Bug Bounty | 2019-12-30 | 2023-06-13 |
| 3747 | Exploiting a Self Stored XSS with an IDOR |
Self-XSS
Stored XSS
IDOR |
NA |
Shuaib Oladigbolu (@_sawzeeyy) |
Bug Bounty | 2019-12-31 | 2023-06-13 |
| 3746 | Bug Hunting Journey of 2019 |
XSS
Privilege escalation
Information disclosure |
Alibaba
Yahoo! / Verizon Media |
Sudhanshu Rajbhar (@sudhanshur705) |
Bug Bounty | 2019-12-31 | 2023-06-13 |
| 3745 | From POST to GET Open redirect |
Open redirect |
NA |
Sourav Sahana (@kernel_rider) |
Bug Bounty | 2019-12-31 | 2023-06-13 |
| 3744 | Exploiting HTML Injection in Email |
HTML injection |
NA |
Shuaib Oladigbolu (@_sawzeeyy) |
Bug Bounty | 2019-12-31 | 2023-06-13 |
| 3743 | Story of an IDOR via HTTP |
IDOR |
NA |
Shuaib Oladigbolu (@_sawzeeyy) |
Bug Bounty | 2019-12-31 | 2023-06-13 |
| 3742 | Bypass Mobile PIN Verification |
Authentication bypass |
NA |
Sourav Sahana (@kernel_rider) |
Bug Bounty | 2020-01-01 | 2023-06-13 |
