Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 2355 | Privilege Escalation \| stealing user’s point \| Bugcrowd | IDOR, Privilege escalation | NA | Abhind Abhi | Bug Bounty | 2021-08-02 | 2023-06-13 |
| 2354 | ~/BugBounty/IDOR/”How I was able to exfiltrate any user’s credit coupons” | IDOR | NA | Jai Sharma (@ja1sharma) | Bug Bounty | 2021-08-02 | 2023-06-13 |
| 2350 | How I Scored 1K Bounty Using Waybackurls | Information disclosure | NA | Sicksec (@OriginalSicksec) | Bug Bounty | 2021-08-02 | 2023-06-13 |
| 2349 | How the use of hidden form fields lead to Email verification bypass | Email verification bypass, Client-side enforcement of server-side security | NA | Yash Swarup (@wazirsec) | Bug Bounty | 2021-08-03 | 2023-06-13 |
| 2348 | PostMessage Xss vulnerability on private program | XSS, postMessage | NA | Youghourta Ghannei (@YoughartaG) | Bug Bounty | 2021-08-03 | 2023-06-13 |
| 2346 | Account Takeover (User + Admin) Via Password Reset | Account takeover, Password reset, Logic flaw | NA | Hemant Patidar (@HemantSolo) | Bug Bounty | 2021-08-05 | 2023-06-13 |
| 2345 | Do you like to read? I can take over your Kindle with an e-book | Memory corruption, RCE, Local Privilege Escalation | Amazon | Slava Makkaveev | Bug Bounty | 2021-08-06 | 2023-06-13 |
| 2340 | Size Matters — CVE-2021–0485 (High) | Local Privilege Escalation, Android | Google | Dimitrios Valsamaras (@Ch0pin) | Bug Bounty | 2021-08-07 | 2023-06-13 |
| 2339 | CVE-2021-0090: Intel Driver & Support Assistant (DSA) Elevation Of Privilege (EOP) | Local Privilege Escalation | Intel | bohops (@bohops) | Bug Bounty | 2021-08-07 | 2023-06-13 |
| 2338 | CVE-2021-25738 | RCE | Kubernetes | Jordy Versmissen / J0VSEC (@j0v0x0) | Bug Bounty | 2021-08-07 | 2023-06-13 |
| 2337 | What is BOLA? 3-digit bounty from Topcoder ($$$) | IDOR | Topcoder | can1337 (@canmustdie) | Bug Bounty | 2021-08-09 | 2023-06-13 |
| 2336 | Fuzzing + IDOR = Admin TakeOver | IDOR, Account takeover | NA | Gonzalo Carrasco (@0xCGonzalo) | Bug Bounty | 2021-08-09 | 2023-06-13 |
| 2335 | Multiple Vulnerabilities In cPanel/WHM | XXE, Stored XSS, Privilege escalation, CSRF, Cross-Site WebSocket Hijacking (CSWH) | cPanel | Adrian Tiron (@adrian__t) | Bug Bounty | 2021-08-10 | 2023-06-13 |
| 2334 | OVE-20210809-0001 Visual Studio Code .ipynb Jupyter Notebook XSS (Arbitrary File Read) | XSS, Arbitrary file read | Microsoft | Justin Steven (@justinsteven) | Bug Bounty | 2021-08-11 | 2023-06-13 |
| 2333 | How I Bought a £240.00 Annual Subscription for Bargain £0.01 | Payment tampering, Logic flaw | NA | Craig Hays (@craighays) | Bug Bounty | 2021-08-11 | 2023-06-13 |
| 2331 | Taking Over Employee Accounts by Managers with Zero Employee Interaction | HTML injection | NA | Chaitanya Rajhans (@Chaitanya_024) | Bug Bounty | 2021-08-12 | 2023-06-13 |
| 2330 | Blind SSRF in URL Validator | Blind SSRF | NA | Yash Kandekar (@Neutron__) | Bug Bounty | 2021-08-12 | 2023-06-13 |
| 2329 | How I found read/write access to the personal data of 3 million users of an E-commerce website? | IDOR | NA | Prashant Singh / SecGeek_one0one | Bug Bounty | 2021-08-13 | 2023-06-13 |
| 2328 | How we was able to takeover whole organization via Privilege Escalation | Privilege escalation, Authorization flaw | NA | Yasser Mohammed (@boomneroli) | Bug Bounty | 2021-08-13 | 2023-06-13 |
| 2326 | Bypass Google Captcha+Parameter Pollution Leads to send email to any user on behalf of “Organization” with any desired content | HTTP parameter pollution, Captcha bypass | NA | viral bhatt (@viralbhatt100) | Bug Bounty | 2021-08-14 | 2023-06-13 |
| 2325 | Finding multiple SSRF with aws metadata access on A BANK system | SSRF | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2021-08-14 | 2023-06-13 |
| 2324 | Simple HTML Injection to $250 | Account takeover, Mass assignment | NA | Ahmad Halabi (@Ahmad_Halabi_) | Bug Bounty | 2021-08-14 | 2023-06-13 |
| 2323 | 1st Bug Bounty WriteUp: Open Redirect To XSS on Login Page | Open redirect, XSS | NA | Nassim Chami (@nvccim) | Bug Bounty | 2021-08-15 | 2023-06-13 |
| 2321 | Why u should use burp to test Path Traversal Vulnerability and also get RXSS | Path traversal, XSS, CSRF, Account takeover | NA | Yasser Mohammed (@boomneroli) | Bug Bounty | 2021-08-16 | 2023-06-13 |
| 2320 | A Bug's Life: CVE-2021-21225 | Browser hacking | Google | Brendon Tiszka (@btiszka) | Bug Bounty | 2021-08-16 | 2023-06-13 |