Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
2495Joomla Password Reset Vulnerability And A Stored XSS For Full Compromise Password reset Stored XSS Privilege escalation RCE Security code review NA Adrian Tiron (@Adrian__T) Bug Bounty2021-06-072023-06-13
2466Account takeover via stored XSS with arbitrary file upload Insecure file upload XSS Account takeover NA 0xbadb00da (@0xbadb00da) Bug Bounty2021-06-182023-06-13
2459Stored XSS via Invite leading to Mass Account Takeover at Opera. Stored XSS Opera Samrat Gupta (@Sm4rty_) Bug Bounty2021-06-202023-06-13
2409Stored XSS in Google Doubleclick Studio [Google Research Grant] Stored XSS Google Jasminder Pal Singh (@Singh_Jasminder) Bug Bounty2021-07-142023-06-13
2394Escalating Self-XSS To Stored XSS via Image injection + IDOR Self-XSS Stored XSS IDOR NA Demon (@R29k_) Bug Bounty2021-07-212023-06-13
2368Account takeover via stored xss Stored XSS NA vikram naidu (@ImVikram7msd) Bug Bounty2021-07-302023-06-13
2364How I escalate my Self-Stored XSS to Account Takeover with the help of IDOR Self-XSS IDOR Account takeover HackerEarth Jefferson Gonzales (@gonzxph) Bug Bounty2021-07-312023-06-13
2335Multiple Vulnerabilities In cPanel/WHM XXE Stored XSS Privilege escalation CSRF Cross-Site WebSocket Hijacking (CSWH) cPanel Adrian Tiron (@adrian__t) Bug Bounty2021-08-102023-06-13
2307MonkeyType.com Stored Cross-Site Scripting Stored XSS Authentication bypass IDOR MonkeyType.com Tyle Butler (@tbutler0x90) Bug Bounty2021-08-222023-06-13
2241Bug Bounty Guest Post: Local File Read via Stored XSS in The Opera Browser Stored XSS Local File Read Opera Renwa (@RenwaX23) Bug Bounty2021-09-082023-06-13
2223Microsoft Azure Portal – Persistent Cross-Site Scripting Stored XSS Microsoft Christian Becker (@0xchrisb) Bug Bounty2021-09-152023-06-13
2186Zero-Day: Hijacking iCloud Credentials with Apple Airtags (Stored XSS) Stored XSS Apple Bobby Rauch / Bobbyr Bug Bounty2021-09-282023-06-13
2177Privilege Escalation to stored XSS Privilege escalation HTTP response manipulation Stored XSS NA Rohit Kumar (Rohit_443) Bug Bounty2021-10-012023-06-13
2168[EN] Stored XSS in the administrator’s panel due to misuse of MarkupSafe Stored XSS pass Culture Aethlios (@AethliosIK) Bug Bounty2021-10-062023-06-13
2133Moodle - Stored XSS and blind SSRF possible via feedback answer text Stored XSS SSRF Moodle rekter0 (@rekter0) Bug Bounty2021-10-222023-06-13
2114Write Up – XSS Stored In api.media.atlassian.com Via Doc File (iOS) Stored XSS Atlassian Omar Espino (@omespino) Bug Bounty2021-10-282023-06-13
2012Account Takeover via Stored XSS Account takeover Stored XSS NA Demon (@R29k_) Bug Bounty2021-12-092023-06-13
2001SVG based Stored XSS Stored XSS NA xaonan44 Bug Bounty2021-12-122023-06-13
1988Stored XSS by bypassing signature XSS Unrestricted file upload NA Abdulrahman Makki (@AMakki1337) Bug Bounty2021-12-202023-06-13
1955Bug Hunting Journey of 2021 Stored XSS Open redirect Token leak CSRF Logic flaw Information disclosure IDOR Account takeover NA Sudhanshu Rajbhar (@sudhanshur705) Bug Bounty2021-12-312023-06-13
1878How I Made $16,500 Hacking CDN Caching Servers — Part 1 Web cache poisoning Stored XSS Web cache deception NA Kevin (@bxmbn) Bug Bounty2022-01-292023-06-13
1873Stored Cross-Site Scripting in MediaWiki Stored XSS NA Nick Berrie (@machevalia) Bug Bounty2022-01-282023-06-13
1805Stored XSS in message.alibaba.com ($2,000) Stored XSS Alibaba R ando (@Rando02355205) Bug Bounty2022-02-182023-06-13
1770CVE-2022-24948: Apache JSPWiki preauth Stored XSS to ATO Stored XSS Account takeover Apache Paulos Yibelo (@PaulosYibelo) Bug Bounty2022-03-022023-06-13
1742A Tale of Open Redirection to Stored XSS Stored XSS Open redirect NA Tushar Sharma (@tusharSharma_0) Bug Bounty2022-03-122023-06-13