Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3630 | SOP Bypass | SOP bypass | NA | Kenan (@kenanistaken) | Bug Bounty | 2020-03-03 | 2023-06-13 |
| 3629 | SSRF vulnerability in Uppy, Detected by Shieldfy | SSRF | Node.js third-party modules | Eslam Salem (@net_code) | Bug Bounty | 2020-03-03 | 2023-06-13 |
| 3628 | Abusing Slack for Offensive Operations | Logic flaw | Slack | Cody Thomas (@its_a_feature_) | Bug Bounty | 2020-03-04 | 2023-06-13 |
| 3627 | Got *Bounty* with Account takeover (ATO ) Unicode-Case Mapping Collision ! | Account takeover | NA | Shaurya Sharma (@ShauryaSharma05) | Bug Bounty | 2020-03-05 | 2023-06-13 |
| 3626 | Google Bug Bounty: Clickjacking on Google Payment (1337$) | Clickjacking | Google | santuySec (@santuySec) | Bug Bounty | 2020-03-06 | 2023-06-13 |
| 3625 | How I exploit the JSON CSRF with method override technique | CSRF | NA | Simgamsetti Manikanta (@zaheckmania) | Bug Bounty | 2020-03-07 | 2023-06-13 |
| 3624 | Google Ads Self-XSS & Html Injection $5000 | Self-XSS, HTML injection | Google | Syahri Ramadan (@adonkidz7) | Bug Bounty | 2020-03-07 | 2023-06-13 |
| 3623 | $5,005 worth vulnerability Duplicated, How I loose $5,005 in a day? Denial of Service - Billion LAUGH Attack (XXE) | DoS, XXE | NA | Muhammad Asim Shahzad (@protector47) | Bug Bounty | 2020-03-08 | 2023-06-13 |
| 3622 | Breaking the Competition (Bug Bounty Write-up) | Race condition, DoS, Logic flaw, Session management issue | NA | George O (@georgeomnet) | Bug Bounty | 2020-03-08 | 2023-06-13 |
| 3621 | The unexpected Google wide domain check bypass | Logic flaw | Google | David Schütz (@xdavidhu) | Bug Bounty | 2020-03-08 | 2023-06-13 |
| 3620 | Broke limited scope with a chain of bugs (tips for every rider CORS) | CORS misconfiguration, RCE | NA | Valeriy Shevchenko (@Krevetk0Valeriy) | Bug Bounty | 2020-03-09 | 2023-06-13 |
| 3619 | Vulnerable design leads to personal data leakage- yet another case of an inter-application vulnerability… | Logic flaw | NA | Marcin Szydlowski (@SecurityKsl) | Bug Bounty | 2020-03-09 | 2023-06-13 |
| 3618 | Got Easiest Bounty with HTML injection via email confirmation! | HTML injection | NA | Shaurya Sharma (@ShauryaSharma05) | Bug Bounty | 2020-03-11 | 2023-06-13 |
| 3617 | Finding a P1 in one minute with Shodan.io (RCE) | RCE | NA | sw33tLie (@sw33tLie) | Bug Bounty | 2020-03-11 | 2023-06-13 |
| 3616 | OTP Bypass - Developer’s Check | OTP bypass | NA | Shrey Shah (@ShreySh43332033) | Bug Bounty | 2020-03-11 | 2023-06-13 |
| 3615 | How I was able to bypass the current password? | Account takeover, CSRF | NA | Ninad Mathpati (@ninad_mathpati) | Bug Bounty | 2020-03-11 | 2023-06-13 |
| 3612 | How I Reported a DoS Vulnerability to AWS | DoS | AWS | Amey Anekar (@ameyanekar) | Bug Bounty | 2020-03-11 | 2023-06-13 |
| 3611 | [Bug Bounty] Email Content Injection | Email content injection | NA | Navneet (@na5n33t) | Bug Bounty | 2020-03-12 | 2023-06-13 |
| 3610 | How I got access to critical data of a Company in no time ? | Information disclosure, Lack of rate limiting, Bruteforce | NA | Kaustubh Kale | Bug Bounty | 2020-03-12 | 2023-06-13 |
| 3608 | API secret key Leakage leads to disclosure of Employee’s Information | Information disclosure | NA | Ace Candelario (@phspades) | Bug Bounty | 2020-03-13 | 2023-06-13 |
| 3607 | User's email disclosure via invalid password reset link [$250] | Password reset, Information disclosure | NA | Myo Min Thu (@myominthu1337) | Bug Bounty | 2020-03-13 | 2023-06-13 |
| 3606 | What is your GCP infra worth?...about ~$700 [Bugbounty] | Information disclosure | Tokopedia | Chris Gates (@carnal0wnage) | Bug Bounty | 2020-03-13 | 2023-06-13 |
| 3605 | Blocked User Can Send Notification Due to Logical Bug in Instagram \| First Instagram Bug | Logic flaw | Meta / Facebook | Divyanshu Shukla (@justm0rph3u5) | Bug Bounty | 2020-03-14 | 2023-06-13 |
| 3604 | My Weirdest Bug Bounty — Getting PII from O365. | Subdomain takeover | Microsoft | Omaid Faizyar (@rulesofthetrade) | Bug Bounty | 2020-03-14 | 2023-06-13 |
| 3603 | How I earned $800 for Host Header Injection Vulnerability | Host header injection, Password reset | NA | Pethuraj (@Pethuraj) | Bug Bounty | 2020-03-15 | 2023-06-13 |