Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 5172 | When your privacy disclosure is a “feature” not a “bug” – Badoo & HotorNot failure! | Information disclosure | Badoo, Hot Or Not | Mohamed A. Baset | Bug Bounty | 2016-05-17 | 2023-06-13 |
| 5171 | Microsoft Yammer Clickjacking – Exploiting HTML5 Security Features | Clickjacking | Microsoft | Mohamed A. Baset | Bug Bounty | 2016-05-18 | 2023-06-13 |
| 5170 | InstaBrute: Two Ways to Brute-force Instagram Account Credentials | Bruteforce, Username enumeration | Meta / Facebook | Arne Swinnen (@ArneSwinnen) | Bug Bounty | 2016-05-19 | 2023-06-13 |
| 5169 | RunKeeper Stored XSS Vulnerability – Where worms are able to run too! | Stored XSS, CSRF | RunKeeper | Mohamed A. Baset | Bug Bounty | 2016-06-06 | 2023-06-13 |
| 5168 | Popping the Pornhub Cherry | Information disclosure | PornHub | Andy Gill (@ZephrFish) | Bug Bounty | 2016-06-07 | 2023-06-13 |
| 5167 | Why you shouldn’t share links on Facebook | Information disclosure | Meta / Facebook | Inti De Ceukelaire (@securinti) | Bug Bounty | 2016-06-09 | 2023-06-13 |
| 5166 | Two vulnerabilities makes an Exploit!! (XSS and CSRF in Bing) | XSS, CSRF | Microsoft | Sai Krishna Kothapalli (@kmskrishna) | Bug Bounty | 2016-06-10 | 2023-06-13 |
| 5165 | Critical LinkedIn vulnerability proactively resolved by Wallarm (XXE in application server) | XXE | LinkedIn | Wallarm (@Wallarm) | Bug Bounty | 2016-06-10 | 2023-06-13 |
| 5164 | Medium Full Account Takeover By One Click | XSS | Medium | Abdullah Hussam (@Abdulahhusam) | Bug Bounty | 2016-06-23 | 2023-06-13 |
| 5163 | Uber Hacking: How we found out who you are, where you are and where you went | Bruteforce, Information disclosure, Logic flaw, IDOR | Uber | Vitor “r0t” Oliveira (@r0t1v) | Bug Bounty | 2016-06-24 | 2023-06-13 |
| 5162 | TopCoder.com Vulnerabilities – A tail of site-wide bugs leads to accounts compromise & payments hijacking | CSRF, Account takeover | Topcoder.com | Mohamed A. Baset | Bug Bounty | 2016-06-28 | 2023-06-13 |
| 5161 | Race conditions on the web | Race condition | Cobalt.io, Meta / Facebook, MEGA, Keybase | Josip Franjkovic (@josipfranjkovic) | Bug Bounty | 2016-07-12 | 2023-06-13 |
| 5160 | How I Could Steal Money from Instagram, Google and Microsoft | Logic flaw | Google, Microsoft, Meta / Facebook | Arne Swinnen (@ArneSwinnen) | Bug Bounty | 2016-07-15 | 2023-06-13 |
| 5159 | Stealing Facebook access_tokens using CSRF in device login flow | CSRF, OAuth, Information disclosure | Meta / Facebook | Josip Franjkovic (@josipfranjkovic) | Bug Bounty | 2016-07-19 | 2023-06-13 |
| 5158 | Blind XSS in Spotify's Salesforce Integration | Blind XSS | Salesforce, Spotify | Mohammed Diaa (@mhmdiaa) | Bug Bounty | 2016-07-19 | 2023-06-13 |
| 5157 | Twitter's Vine Source code dump - $10080 | Source code disclosure, Information disclosure | Twitter | avicoder (@avicoder) | Bug Bounty | 2016-07-22 | 2023-06-13 |
| 5156 | How we broke PHP, hacked Pornhub and earned $20,000 | RCE, Memory corruption, Use-After-Free | PornHub | Ruslan Habalov (@evonide) | Bug Bounty | 2016-07-23 | 2023-06-13 |
| 5155 | Remote Code Execution (RCE) on Microsoft's 'signout.live.com' | RCE | Microsoft | Peter Adkins (@darkarnium) | Bug Bounty | 2016-07-24 | 2023-06-13 |
| 5154 | BMW Vulnerabilities – Hijack Cars ConnectedDrive™ Service! | Clickjacking, CSRF | BMW | Mohamed A. Baset | Bug Bounty | 2016-07-24 | 2023-06-13 |
| 5153 | Messenger.com Site-Wide CSRF | CSRF | Meta / Facebook | Jack Whitton (@fin1te) | Bug Bounty | 2016-07-26 | 2023-06-13 |
| 5152 | CSV Injection -> Meterpreter on Pornhub | CSV injection | PornHub | Andy Gill (@ZephrFish) | Bug Bounty | 2016-07-29 | 2023-06-13 |
| 5151 | XSS on Flickr | XSS | Flickr | Shubham Gupta (@hackerspider1) | Bug Bounty | 2016-07-31 | 2023-06-13 |
| 5150 | Xss filter bypass in Yahoo dev.flurry.com | XSS | Yahoo! / Verizon Media | Shubham Gupta (@hackerspider1) | Bug Bounty | 2016-07-31 | 2023-06-13 |
| 5149 | Swf XSS (Dom Based Xss) | Flash XSS, DOM XSS | Ubiquity Networks | Shubham Gupta (@hackerspider1) | Bug Bounty | 2016-07-31 | 2023-06-13 |
| 5148 | Samsung Galaxy Apps MiTM vulnerabilities | MiTM, Android | Samsung | Simone Margaritelli (@evilsocket) | Bug Bounty | 2016-08-17 | 2023-06-13 |