Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 2282 | Information disclosure via api misconfiguration | Information disclosure | NA | Rizwan_siddiqui (@Rizwan_SiDdiqu1) | Bug Bounty | 2021-08-29 | 2023-06-13 |
| 2281 | ATO of WordPress Website “4 digits €€€€ Bounty in 5 Minute!” | Exposed registration page, Account takeover | NA | Ritesh Gohil (@RiteshG37659480) | Bug Bounty | 2021-08-29 | 2023-06-13 |
| 2278 | How MarkMonitor left >60,000 domains for the taking | Subdomain takeover | NA | Ian Carroll (@iangcarroll) | Bug Bounty | 2021-08-29 | 2023-06-13 |
| 2277 | Two account takeover bugs worth $4300 🎁 | Account takeover, Privilege escalation, 403 bypass, IDOR | NA | Usama Varikkottil (@usama_dev) | Bug Bounty | 2021-08-29 | 2023-06-13 |
| 2276 | I owe your Request \| HTTP Request Smuggling leads to Full Accounts takeover | HTTP Request Smuggling | NA | Muhammad Adel (@ItsFadinG_) | Bug Bounty | 2021-08-30 | 2023-06-13 |
| 2274 | CVE-2021-39165: A Bug Bounty Journey from a Laravel SQL Injection Vulnerability | SQL injection | NA | Xuan Tuyen | Bug Bounty | 2021-08-30 | 2023-06-13 |
| 2273 | Broken Access Control Leads To Change Of Admin Details | Privilege escalation, Client-side enforcement of server-side security | NA | V3D (@v3d_bug) | Bug Bounty | 2021-08-31 | 2023-06-13 |
| 2272 | Bypassing 2-Factor Authentication for Facebook Business Manager (Bounty: 1000 USD) | MFA bypass | Meta / Facebook | Shubham Bhamare (@theshubh77) | Bug Bounty | 2021-08-31 | 2023-06-13 |
| 2267 | CVE-2021-2429: A Heap-based Buffer Overflow Bug In The Mysql Innodb Memcached Plugin | Memory corruption | Oracle (MySQL) | - | Bug Bounty | 2021-09-02 | 2023-06-13 |
| 2266 | Hacking Dutch Government For a lousy T-shirt | IDOR, Information disclosure | Dutch Government | Veshraj Ghimire (@GhimireVeshraj) | Bug Bounty | 2021-09-02 | 2023-06-13 |
| 2265 | How I Found Multiple XSS in Hidden Legacy Pages | XSS | NA | Marx Chryz | Bug Bounty | 2021-09-02 | 2023-06-13 |
| 2264 | chaining bugs from self XSS to account takeover | Self-XSS, WAF bypass, CSRF, Account takeover | NA | Behnam Yazdanpanah (@abhiunix) | Bug Bounty | 2021-09-02 | 2023-06-13 |
| 2263 | Breaking Application’s Logic to DOS Attack | IDOR, DoS | NA | Abhijeet Singh (@abhiunix) | Bug Bounty | 2021-09-02 | 2023-06-13 |
| 2259 | RCE By Code Injection \| Perl Reverse Shell | RCE, Code injection | NA | Abdulrahman-Kamel | Bug Bounty | 2021-09-02 | 2023-06-13 |
| 2258 | Play the music and bypass TCC aka CVE-2020-29621 | Privacy issue, MacOS | Apple | Wojciech Reguła (@_r3ggi) | Bug Bounty | 2021-09-02 | 2023-06-13 |
| 2256 | IDOR Vulnerability In GraphQL Api On Website | IDOR, GraphQL | NA | Aidil Arief | Bug Bounty | 2021-09-03 | 2023-06-13 |
| 2252 | Bypassed! and uploaded a sweet reverse shell | Unrestricted file upload | NA | Ajay Sharma (@security_donut) | Bug Bounty | 2021-09-05 | 2023-06-13 |
| 2251 | Business Logic Errors - Must Vote | Logic flaw | NA | Jerry Shah (@Jerry) | Bug Bounty | 2021-09-05 | 2023-06-13 |
| 2249 | Anti-crawler Burp Suite RCE | RCE, Browser hacking | PortSwigger | Wfox | Bug Bounty | 2021-09-06 | 2023-06-13 |
| 2248 | How I can take over any user’s account with their mobile number | Account takeover, OTP bypass, Authentication bypass | NA | Sushmitha Katikitala | Bug Bounty | 2021-09-06 | 2023-06-13 |
| 2246 | SSD Advisory – NETGEAR D7000 Authentication Bypass | Authentication bypass | Netgear | - | Bug Bounty | 2021-09-06 | 2023-06-13 |
| 2245 | Full structure takeover to many brands of company | Directory listing, Information disclosure | NA | Abdelrahman Khaled | Bug Bounty | 2021-09-06 | 2023-06-13 |
| 2244 | SSRF in PDF export with PhantomJs | SSRF, XSS, LFI | NA | أنس روبي (@xhzeem) | Bug Bounty | 2021-09-07 | 2023-06-13 |
| 2239 | Account Takeover via XSS in e-signature feature worth 2500$ | XSS, Account takeover | NA | Gökhan Güzelkokar (@gkhck_) | Bug Bounty | 2021-09-08 | 2023-06-13 |
| 2238 | Spook.js: Attacking Google Chrome's Strict Site Isolation via Speculative Execution and Type Confusion | Browser hacking, Side-channel attack, Site Isolation bypass | Google | Ayush Agarwal | Bug Bounty | 2021-09-08 | 2023-06-13 |