Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3685 | How, I dumped crypto data by chaining directory listing to open S3 Bucket | AWS misconfiguration, Directory listing, Information disclosure | NA | Ddigvijay | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3684 | Hijacking shared report links in Google Data Studio | Authorization flaw | Google | sushiwushi (@sushiwushi2) | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3683 | An Unexpected Bounty — Email Bounce Issues | DoS, Email Bounce Issue | NA | Keshav Malik (@g0t_rOoT_) | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3682 | Using CSRF I Got Weird Account Takeover | CSRF, Account takeover | NA | Mohamed Sayed (@FlEx0Geek) | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3681 | How I Made $600 in Bug Bounty in 15 Minutes with Contrast CE – CVE- 2019-8442 | Information disclosure | Atlassian | David Lindner (@golfhackerdave) | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3680 | Site wide CSRF on a popular program | CSRF | NA | Ajinkya Pathare (@fellchase) | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3679 | Google APIS ClickJacking ( $1337) | Clickjacking | Google | Myo Min Thu (@myominthu1337) | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3678 | Simple Remote Code Execution Vulnerability Examples for Beginners | RCE, Unrestricted file upload | NA | Ozgur Alp (@ozgur_bbh) | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3677 | Popping Alerts in Mixmax Chrome Extension (Write Up) | XSS | Mixmax | Evan Ricafort (@evanricafort) | Bug Bounty | 2020-02-06 | 2023-06-13 |
| 3676 | How Inspect Element Got me a Bounty | Client-side enforcement of server-side security | NA | Aditya Soni (@hetroublemakr) | Bug Bounty | 2020-02-06 | 2023-06-13 |
| 3675 | IDOR leads to Data leakage and Profile Update | IDOR, Bruteforce | NA | vict0ni (@vict0ni) | Bug Bounty | 2020-02-07 | 2023-06-13 |
| 3673 | External XML Entity via File Upload (SVG) | XXE, Unrestricted file upload | NA | Atul (@atul_hax) | Bug Bounty | 2020-02-08 | 2023-06-13 |
| 3672 | A step-by-step walk-through of an Invalid Endpoint | Information disclosure | NA | Mohammed Israil (@mdisrail2468) | Bug Bounty | 2020-02-09 | 2023-06-13 |
| 3671 | How I discovered an SSRF leading to AWS Metadata Leakage | SSRF | NA | Amey Anekar (@ameyanekar) | Bug Bounty | 2020-02-10 | 2023-06-13 |
| 3670 | Weird Vulnerabilities Happening on Load Balancers, Shallow Copies and Caches | Information disclosure | NA | Ozgur Alp (@ozgur_bbh) | Bug Bounty | 2020-02-11 | 2023-06-13 |
| 3669 | A Simple IDOR to Account Takeover | IDOR, Account takeover | NA | Swapnil Maurya (@swapmaurya20) | Bug Bounty | 2020-02-11 | 2023-06-13 |
| 3668 | CVE-2019-18426 - WhatsApp Vulnerabilities Disclosure - Open Redirect + CSP Bypass + Persistent XSS + FS read permissions + potential for RCE | RCE, Stored XSS, CSP bypass, Arbitrary file read, Open redirect, Security code review | Meta / Facebook (WhatsApp) | Gal Weizman (@WeizmanGal) | Bug Bounty | 2020-02-14 | 2023-06-13 |
| 3666 | Open-redirect Vulnerability on Facebook | Open redirect | Meta / Facebook | dw1 | Bug Bounty | 2020-02-16 | 2023-06-13 |
| 3664 | Uploading Backdoor For Fun And Profit. | Unrestricted file upload, RCE | NA | Mohammed Abdul Raheem (@mohdaltaf163) | Bug Bounty | 2020-02-17 | 2023-06-13 |
| 3663 | How I Gain Unrestricted File Upload Remote Code Execution Bug Bounty | Unrestricted file upload | NA | Shay Grant (@kidshay) | Bug Bounty | 2020-02-17 | 2023-06-13 |
| 3662 | Exploiting WebSocket [Application Wide XSS / CSRF] | XSS, CSRF | NA | Osama Avvan (@osamaavvan) | Bug Bounty | 2020-02-17 | 2023-06-13 |
| 3661 | Plan Change Logic in Google Fiber (Webpass) | Logic flaw, Payment tampering | Google | Craig Arendt (@signalchaos) | Bug Bounty | 2020-02-17 | 2023-06-13 |
| 3660 | How We Found Another XSS in Google with Acunetix | XSS | Google | Andrey Leonov (@4lemon) | Bug Bounty | 2020-02-17 | 2023-06-13 |
| 3659 | My First Bounty From Google. | Self-XSS, HTML injection | Google | Syahri Ramadan (@adonkidz7) | Bug Bounty | 2020-02-18 | 2023-06-13 |
| 3658 | From Recon to Optimizing RCE Results – Simple Story with One of the Biggest ICT Company in the World | Information disclosure, RCE | NA | YoKo Kho (@YokoAcc) | Bug Bounty | 2020-02-18 | 2023-06-13 |