Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
3444IDOR in session cookie leading to Mass Account Takeover IDOR Account takeover NA Zonduhackerone (@zonduu1) Bug Bounty2020-05-292023-06-13
3435Hunting on ASPX Application For P1%27s [Unauthenticated SOAP,RCE, Info Disclosure] RCE Information disclosure IDOR NA ElMahdi Mrhassel (@ElMrhassel) Bug Bounty2020-05-312023-06-13
3423Another image removal vulnerability on Facebook IDOR Meta / Facebook Pouya Darabi (@Pouyadarabi) Bug Bounty2020-06-042023-06-13
3421[IDOR] Delete saved credit cards from any Business Manager Account — Facebook Bug Bounty IDOR Meta / Facebook Rohit kumar (@rohitcoder) Bug Bounty2020-06-052023-06-13
3390Business logic flaw in the invitation system allows to Takeover any account at a private company Account takeover IDOR NA Daniel V. (@d4niel_v) Bug Bounty2020-06-152023-06-13
3367All About Getting First Bounty with IDOR IDOR NA Mukul Trivedi (@M0hn1sh) Bug Bounty2020-06-232023-06-13
3341[Writeup][Bug Bounty][Tokopedia] Manipulate Other User’s Cart and Wishlist on Tokopedia [EN] IDOR Tokopedia Muhammad Thomas Fadhila Yahya (@fadhilthomas) Bug Bounty2020-07-032023-06-13
3333Taking Over Files in a chat —IDOR in Microsoft Teams IDOR Microsoft Aly Anwar (@alyanwarr) Bug Bounty2020-07-052023-06-13
3329Make Featured Product in any video IDOR Meta / Facebook abdellah yaala (@yaalaab) Bug Bounty2020-07-052023-06-13
3322Journey from low to critical bug $$$ IDOR NA Dheeraj Madhukar (@Dheerajmadhukar) Bug Bounty2020-07-092023-06-13
3299Idor in google product IDOR Google Baluz (@t3chman) Bug Bounty2020-07-172023-06-13
3288Hack Till Your Last Breath IDOR NA mechboy / _m.u.h.e_ (@Muhe76355002) Bug Bounty2020-07-212023-06-13
3282A Simple IDOR which should not be missed on dating site ;) IDOR Information disclosure NA neelam Bug Bounty2020-07-262023-06-13
3273Authentication Token Leads To IDOR Authentication bypass NA mohit (@mohit29295572) Bug Bounty2020-07-282023-06-13
3196Upload to the future IDOR NA Vuk Ivanovic Bug Bounty2020-08-222023-06-13
3188Delete IDOR on a Fashion eCommerce Website IDOR NA Amey Anekar (@ameyanekar) Bug Bounty2020-08-262023-06-13
3179Cloud firewall management API SNAFU put 500k SonicWall customers at risk IDOR SonicWall Vangelis Stykas (@evstykas) Bug Bounty2020-09-022023-06-13
3176Account Takeover via IDOR IDOR Account takeover NA Roma Ramazanoff (@r0hack) Bug Bounty2020-09-042023-06-13
3152Privilege Escalation via Account Takeover on NodeBB Forum Software — Bug Bounty (512$) — CVE-2020–15149 IDOR Account takeover NodeBB Muhammed Eren Uygun (@erenuyguun) Bug Bounty2020-09-192023-06-13
3139#Bugbounty- “How I was able to see other users Payments in a travel application” — IDOR #800$ IDOR Information disclosure NA ganiganesh (@ganiganeshss79) Bug Bounty2020-09-222023-06-13
3136PII Leakage via IDOR + Weak PasswordReset = Full Account Takeover IDOR Information disclosure NA Pradeep Kumar (@Killer007p) Bug Bounty2020-09-252023-06-13
31315 Ways to do Account Takeover in a Single Website Account takeover Lack of rate limiting OTP bypass IDOR OAuth JWT NA letmeslidein (@VasuYadaav) Bug Bounty2020-09-272023-06-13
3127The Art of IDOR: 7 IDORs in Edm0d0 IDOR Edmodo Pratyush Anjan Sarangi Bug Bounty2020-09-292023-06-13
31126k$ Worth Account Takeover via IDOR in Starbucks Singapore IDOR Account takeover Starbucks Kamil Onur Özkaleli (@ko2sec) Bug Bounty2020-10-072023-06-13
3109We Hacked Apple for 3 Months: Here’s What We Found RCE Authentication bypass Authorization bypass SSRF XXE Blind XSS IDOR OS command injection SQL injection Apple Sam Curry (@samwcyo) Bug Bounty2020-10-072023-06-13