Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3576 | CVE-2019-17004—Semi Universal XSS affecting Firefox for iOS | Universal XSS | Mozilla, Brave Software | cliqz (@cliqz) | Bug Bounty | 2020-03-30 | 2023-06-13 |
| 3575 | Restriction is not a promise : Privilege escalation on Google. | Privilege escalation, Authorization flaw | Google | Hariharan.s (@DJHARIZ1) | Bug Bounty | 2020-03-30 | 2023-06-13 |
| 3574 | Limited freemarker ssti to arbitrary liql query and manage lithium cms | SSTI | NA | Mert (@mertistaken) | Bug Bounty | 2020-03-30 | 2023-06-13 |
| 3573 | Hacking makes me forget my pain | SQL injection | NA | Abida Fahd | Bug Bounty | 2020-03-31 | 2023-06-13 |
| 3572 | Akamai Web Application Firewall Bypass Journey: Exploiting “Google BigQuery” SQL Injection Vulnerability | SQL injection | NA | Duc Nguyen (@ducnt_) | Bug Bounty | 2020-03-31 | 2023-06-13 |
| 3571 | Microsoft Apache Solr RCE Velocity Template \| Bug Bounty POC | RCE | Microsoft | Muhammad Khizer Javed (@khizer_javed47) | Bug Bounty | 2020-03-31 | 2023-06-13 |
| 3570 | $3133.7 Google Bug Bounty Writeup- XSS Vulnerability! | Reflected XSS | Google | Pethuraj (@Pethuraj) | Bug Bounty | 2020-04-01 | 2023-06-13 |
| 3569 | The story of my first ever, 1500$, bounty from Facebook. | Logic flaw | Meta / Facebook | Ashok Chapagai (@ashokcpg) | Bug Bounty | 2020-04-01 | 2023-06-13 |
| 3568 | Privilege Escalation - Hello Admin | Privilege escalation | NA | Shrey Shah (@ShreySh43332033) | Bug Bounty | 2020-04-02 | 2023-06-13 |
| 3567 | Account Take Over without user Interaction | Password reset, Information disclosure, Account takeover | NA | Ravilla Bharath | Bug Bounty | 2020-04-02 | 2023-06-13 |
| 3566 | Always escalate! From Self-XSS to Persistent XSS on Login Portal | Self-XSS, CSRF | NA | Phuriphat Boontanon (@zanezenzane) | Bug Bounty | 2020-04-02 | 2023-06-13 |
| 3565 | Hundreds of internal servicedesks exposed due to COVID-19 | Security misconfiguration | NA | Inti De Ceukelaire (@securinti) | Bug Bounty | 2020-04-02 | 2023-06-13 |
| 3564 | iPhone Camera Hack | Zero-Click Unauthorized Access to Sensitive Data | Apple | Ryan Pickren | Bug Bounty | 2020-04-02 | 2023-06-13 |
| 3563 | Touch ID Authentication Bypass on Evernote and Dropbox IOS Apps | Authentication bypass, iOS | Evernote, Dropbox | Sahil Tikoo (@viperbluff) | Bug Bounty | 2020-04-03 | 2023-06-13 |
| 3562 | Playing with JSON Web Tokens for Fun and Profit | Password reset, Email verification bypass | NA | Muhammad Qasim Munir (@MeetAn0nym0us) | Bug Bounty | 2020-04-04 | 2023-06-13 |
| 3561 | Cannot Delete Post on Facebook Group: Facebook Bug Bounty | Logic flaw | Meta / Facebook | Saugat Pokharel (@saugatpk5) | Bug Bounty | 2020-04-04 | 2023-06-13 |
| 3560 | Page Admin Disclosure: Facebook Bug Bounty 2020 | Information disclosure, Logic flaw | Meta / Facebook | Saugat Pokharel (@saugatpk5) | Bug Bounty | 2020-04-04 | 2023-06-13 |
| 3559 | How a Simple CSRF Attack Turned into a P1 Level Bug | CSRF, Account takeover | NA | Lady Secspeare (@bejuveria_) | Bug Bounty | 2020-04-05 | 2023-06-13 |
| 3558 | How we abused Slack's TURN servers to gain access to internal services | SSRF | Slack | Sandro Gauci (@sandrogauci) | Bug Bounty | 2020-04-06 | 2023-06-13 |
| 3557 | $3K Bounty For Elastic-Search Takeover | Elasticsearch Takeover, Information disclosure | NA | Ashish Kunwar (@D0rkerDevil) | Bug Bounty | 2020-04-06 | 2023-06-13 |
| 3556 | Stored XSS in Google Nest | Stored XSS | Google | Harikrishnan Chandraganesan (@hari_cybex) | Bug Bounty | 2020-04-07 | 2023-06-13 |
| 3555 | Unrestricted CV File Upload | Unrestricted file upload | NA | vict0ni (@vict0ni) | Bug Bounty | 2020-04-07 | 2023-06-13 |
| 3554 | Listing all registered email addresses on Google’s Crisis Map thanks to IDOR and incremental IDs | IDOR | Google | Thomas Orlita (@ThomasOrlita) | Bug Bounty | 2020-04-07 | 2023-06-13 |
| 3553 | The story of a fuzzing integration reward | Memory corruption | Google | Andrea Brancaleoni (@nJoyneer) | Bug Bounty | 2020-04-08 | 2023-06-13 |
| 3552 | How i Unlocked the blocked accounts? | Password reset, HTTP parameter pollution, IDOR | NA | Maria Zulfiqar | Bug Bounty | 2020-04-11 | 2023-06-13 |