3602 | Using Vulnerability Analytics Feature Like a Boss | SSRF, Reflected XSS, Authentication bypass | NA | Ozgur Alp (@ozgur_bbh) | Bug Bounty | 2020-03-15 | 2023-06-13 |
3601 | Weak session validation bug let you login even after changing the session IDs and logging out from the accounts | Logic flaw, Session management issue | viator.com | Manasjha (@manas_hunter) | Bug Bounty | 2020-03-16 | 2023-06-13 |
3600 | How I Earned $1750 at Shopify Bug Bounty Program | XSS, Open redirect | Shopify | Ashish Dhone (@ashketchum_16) | Bug Bounty | 2020-03-16 | 2023-06-13 |
3599 | Razer mobile PIN verification bypass $1k Bug | OTP bypass, MFA bypass | Razer | Sourav Sahana (@kernel_rider) | Bug Bounty | 2020-03-17 | 2023-06-13 |
3598 | How I was able to verify any contact number for my account? | OTP bypass, MFA bypass | NA | Paras Arora (@parasarora06) | Bug Bounty | 2020-03-17 | 2023-06-13 |
3597 | Where is my Train : Tracking to Hacking ! | Reflected XSS, SQL injection | Google | Anil Tom (mr_4nk) | Bug Bounty | 2020-03-17 | 2023-06-13 |
3595 | Hacking — Always Check the Cross-domain Policy | SOP bypass, CSRF | Starbucks | Jack | Bug Bounty | 2020-03-19 | 2023-06-13 |
3594 | Reflected XSS on microsoft.com subdomains | Reflected XSS | Microsoft | Raimonds Liepins (@lv_linkers) | Bug Bounty | 2020-03-19 | 2023-06-13 |
3593 | EN | Administrator level Privilege Escalation story | Privilege escalation | NA | Samet Sahin (@sametsahinnet) | Bug Bounty | 2020-03-19 | 2023-06-13 |
3592 | API DOCS takeover on Readme.io | Subdomain takeover | NA | Oktavandi (@0ktavandi) | Bug Bounty | 2020-03-19 | 2023-06-13 |
3591 | Remote Image Upload Leads to RCE (Inject Malicious Code to PHP-GD Image) | Unrestricted file upload, RCE | NA | Muhammad R. Maulana | Bug Bounty | 2020-03-21 | 2023-06-13 |
3590 | The Ticklish XSS | XSS | NA | Adnan Malik (@adnanmalikinfo) | Bug Bounty | 2020-03-23 | 2023-06-13 |
3589 | Self XSS to Account Takeover | Account takeover, XSS, CSRF | NA | Ch3ckM4te | Bug Bounty | 2020-03-24 | 2023-06-13 |
3588 | VPN bypass vulnerability in Apple iOS | Privacy issue | Apple | Proton Team | Bug Bounty | 2020-03-25 | 2023-06-13 |
3587 | XSS WAF & Character limitation bypass like a boss | XSS | NA | Prial Islam Khan (@prial261) | Bug Bounty | 2020-03-25 | 2023-06-13 |
3586 | Pentesting Cisco SD-WAN Part 1: Attacking vManage | Cypher injection, Stored XSS | Cisco | Julien Legras (@Julien_Legras) | Bug Bounty | 2020-03-25 | 2023-06-13 |
3585 | Stealing Videos From VLC | IDOR | Internet Bug Bounty | Dhiraj (@RandomDhiraj) | Bug Bounty | 2020-03-26 | 2023-06-13 |
3584 | Exploitation of the CVE-2018-15961 – Unrestricted File Upload in Adobe ColdFusion | Unrestricted file upload | NA | Supras (@LdrTom) | Bug Bounty | 2020-03-26 | 2023-06-13 |
3583 | Account Takeover Flow In Mail.ru's Ext.A Domain [ $150 ] | Logic flaw, Account takeover | NA | Myo Min Thu (@myominthu1337) | Bug Bounty | 2020-03-26 | 2023-06-13 |
3582 | 1st Bug Bounty Write-Up — Open Redirect Vulnerability on Login Page | Open redirect | NA | Phuriphat Boontanon (@zanezenzane) | Bug Bounty | 2020-03-27 | 2023-06-13 |
3581 | Exploiting magic links, critical bugs are one line away | Information disclosure, Missing authentication | Razer | 0xSha (@0xsha) | Bug Bounty | 2020-03-27 | 2023-06-13 |
3580 | I Want that Cookie !!! | Logic flaw | NA | Adnan Malik (@infoadnanmalik) | Bug Bounty | 2020-03-27 | 2023-06-13 |
3579 | Executing scripts in Safari Reader Mode to CSP Bypass | XSS, CSP bypass | Apple | Nikhil Mittal (@c0d3G33k) | Bug Bounty | 2020-03-28 | 2023-06-13 |
3578 | Attacking HelpDesks Part 1: RCE Chain on DeskPro, with Bitdefender as a Case Study | RCE | Bitdefender | Abdulrahman Nour (@aboodnour) | Bug Bounty | 2020-03-28 | 2023-06-13 |
3577 | OTP Bruteforce- Account Takeover | OTP bruteforce, Account takeover | NA | Ranjit Kumar | Bug Bounty | 2020-03-29 | 2023-06-13 |