Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
3480Chained Bugs [ Account TakeOver ] IDOR XSS Account takeover NA Bilal Khan (@bilalmerokhel) Bug Bounty2020-05-162023-06-13
3477One Param => $10k IDOR XSS Account takeover NA Bilal Khan (@bilalmerokhel) Bug Bounty2020-05-172023-06-13
3475Tale of Account Takeovers (Part-2) Account takeover NA Vijaysimha Reddy Bathini (@fatratfatrat) Bug Bounty2020-05-172023-06-13
3471Multiple flaws leads to Account Takeover within an Application Account takeover Password reset NA Harshit Sengar (@sengarharshit1) Bug Bounty2020-05-182023-06-13
3450Clickjacking to Account Takeover Clickjacking NA Abhishek Yadav (@abhishake100) Bug Bounty2020-05-282023-06-13
3444IDOR in session cookie leading to Mass Account Takeover IDOR Account takeover NA Zonduhackerone (@zonduu1) Bug Bounty2020-05-292023-06-13
3439Zero-day in Sign in with Apple Account takeover Apple Bhavuk Jain (@bhavukjain1) Bug Bounty2020-05-302023-06-13
3426From CRLF to Account Takeover CRLF injection HTTP response splitting Reflected XSS Account takeover NA Valeriy Shevchenko (@Krevetk0Valeriy) Bug Bounty2020-06-032023-06-13
3418Account takeover via postMessage Account takeover postMessage NA socket (@yxw21) Bug Bounty2020-06-052023-06-13
3406Utilizing Lockdown: Blind Sqli leads to Account Takeover & Data Extraction Blind SQL injection Account takeover NA Shakti Mohanty (@3ncryptSaan) Bug Bounty2020-06-102023-06-13
3398Account Takeover via OTP Bruteforce (Apigee API) OTP bypass Bruteforce Lack of rate limiting NA Vishnuraj Bug Bounty2020-06-132023-06-13
3391Another "Fappening" on the Horizon? Account takeover Phishing Apple Sociosploit Bug Bounty2020-06-152023-06-13
3390Business logic flaw in the invitation system allows to Takeover any account at a private company Account takeover IDOR NA Daniel V. (@d4niel_v) Bug Bounty2020-06-152023-06-13
3364How i hacked worldwide ZOOM users OAuth Account takeover Zoom s3c (@s3c_krd) Bug Bounty2020-06-272023-06-13
3360How I was able to take over any account via the Password Reset Functionality. Password reset Account takeover NA Firas Fatnassi (@Fatnass1F1ras) Bug Bounty2020-06-282023-06-13
3358Taking over Azure DevOps Accounts with 1 Click Subdomain takeover Account takeover Microsoft Sean Yeoh (@seanyeoh) Bug Bounty2020-06-282023-06-13
3357API Endpoint leads to Account Takeover In Android Application Exposed token generation endpoint Information disclosure NA Adesh Nandkishor kolte (@AdeshKolte) Bug Bounty2020-06-282023-06-13
3338EN | Account Takeover and Sensitive Data Leakage via CORS Misconfiguration CORS misconfiguration CSRF Account takeover NA Lütfü Mert Ceylan (@lutfumertceylan) Bug Bounty2020-07-042023-06-13
3313A tale of critical account take over Account takeover Exposed JWT generation endpoint JWT NA Shivam Pandey (@shivam31200) Bug Bounty2020-07-102023-06-13
3309Self stored xss to full account takeover XSS Account takeover NA Jatin Aesthetic (@techyfreakk) Bug Bounty2020-07-122023-06-13
3304Admin ,Editor can disclose personnel email of other editor, admin on page(who created shop) Information disclosure Meta / Facebook The 3 Day Account Takeover Bug Bounty2020-07-162023-06-13
3303The 3 Day Account Takeover Logic flaw Password reset Account takeover Bruteforce Lack of rate limiting NA Mr. Beast (@__mr_beast__) Bug Bounty2020-07-172023-06-13
3284A $5000 Account Takeover Account takeover Password reset NA neelam Bug Bounty2020-07-252023-06-13
3276CSRF + Open Redirect To Account Takeover CSRF Open redirect Account takeover NA R29k (@R29k_) Bug Bounty2020-07-282023-06-13
3274Pre-Access to Victim’s Account via Facebook Signup OAuth Account takeover NA Akshansh Jaiswal (@Akshanshjaiswl) Bug Bounty2020-07-282023-06-13