Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 4836 | Union Based Sql injection Write up ->A private Company Site | SQL injection | NA | Nur A Alam Dipu (@Dipu1A) | Bug Bounty | 2018-03-12 | 2023-06-13 |
| 4835 | #BugBounty — “Let me reset your password and login into your account “-How I was able to Compromise any User Account via Reset Password Functionality | Logic flaw, Password reset, Account takeover | NA | Avinash Jain (@logicbomb_1) | Bug Bounty | 2018-03-14 | 2023-06-13 |
| 4833 | CVE-2017-13253: Buffer overflow in multiple Android DRM services | Memory corruption, Local Privilege Escalation | Google | Tamir Zahavi-Brunner (@tamir_zb) | Bug Bounty | 2018-03-15 | 2023-06-13 |
| 4832 | Leaking WordPress CSRF Tokens for Fun, $1337 bounty, and CVE-2017-5489 | CSRF | WordPress | Abdullah Hussam (@Abdulahhusam) | Bug Bounty | 2018-03-15 | 2023-06-13 |
| 4820 | My Best Small Report Bounty Report in Private Program ( Django REST framework Admin Login ByPass ) | SQL injection, Authentication bypass, Account takeover | NA | Mohamed Haron (@m7mdharon) | Bug Bounty | 2018-04-01 | 2023-06-13 |
| 4818 | Beyond XSS: Edge Side Include Injection | ESI injection, SSRF, XSS | Squid, Varnish | Louis Dion-Marcil (@ldionmarcil) | Bug Bounty | 2018-04-03 | 2023-06-13 |
| 4816 | #BugBounty — ” Your details are saved into my account”-User info disclosure Vulnerability in Practo (India’s biggest healthcare app) | IDOR | NA | Avinash Jain (@logicbomb_1) | Bug Bounty | 2018-04-05 | 2023-06-13 |
| 4814 | “Exploiting a Single Parameter” | SSRF, XSS | NA | Hisham Mir (@Hishammir1) | Bug Bounty | 2018-04-06 | 2023-06-13 |
| 4812 | Stealing HttpOnly Cookie via XSS | XSS | NA | Yasser Gersy (@yassergersy) | Bug Bounty | 2018-04-08 | 2023-06-13 |
| 4808 | Please email me your password | Blind XSS, Blind SQL injection, SMTP injection, Account takeover | NA | Jasmin Laundry (@JR0ch17) | Bug Bounty | 2018-04-11 | 2023-06-13 |
| 4803 | #SecurityBreach — "How I was able to book hotel room for 1.50₹!" | CORS misconfiguration | NA | Hariom Vashisth | Bug Bounty | 2018-04-15 | 2023-06-13 |
| 4801 | Bypassing Captcha Like a Boss | Captcha bypass | NA | Ak1T4 (@akita_zen) | Bug Bounty | 2018-04-16 | 2023-06-13 |
| 4799 | From an error message to DB disclosure | Hardcoded credentials | NA | Yumi | Bug Bounty | 2018-04-17 | 2023-06-13 |
| 4798 | How I got stored XSS using file upload | Stored XSS | NA | gujjuboy10x00 (@vis_hacker) | Bug Bounty | 2018-04-17 | 2023-06-13 |
| 4797 | IDOR (at Private Bug Bounty Program) that could Leads to Personal Data Leaks | IDOR | NA | YoKo Kho (@YokoAcc) | Bug Bounty | 2018-04-17 | 2023-06-13 |
| 4796 | How I Get the Name of the Hotel (and other Data) that you ever Stay - Personal Data Leaks: Private Bug Bounty Program | IDOR | NA | YoKo Kho (@YokoAcc) | Bug Bounty | 2018-04-18 | 2023-06-13 |
| 4791 | #BugBounty — "Journey from LFI to RCE!!!"-How I was able to get the same in one of the India’s popular property buy/sell company. | LFI, RCE | NA | Avinash Jain (@logicbomb_1) | Bug Bounty | 2018-04-19 | 2023-06-13 |
| 4790 | Story Of a Stored XSS Bypass | Stored XSS | NA | Prial Islam Khan (@prial261) | Bug Bounty | 2018-04-21 | 2023-06-13 |
| 4789 | Turning Self-XSS into non-Self Stored-XSS via Authorization Issue at “PayPal Tech-Support and Brand Central Portal | Stored XSS | Paypal | YoKo Kho (@YokoAcc) | Bug Bounty | 2018-04-21 | 2023-06-13 |
| 4788 | Three Cases, Three Open Redirect Bypasses | Open redirect | NA | Mmohammed Eldeeb (@malcolmx0x) | Bug Bounty | 2018-04-22 | 2023-06-13 |
| 4786 | How we got LFI in apache Drill (Recon like a boss) | LFI | NA | gujjuboy10x00 (@vis_hacker) | Bug Bounty | 2018-04-23 | 2023-06-13 |
| 4785 | XSS “403 forbidden” bypass write up | XSS | NA | Nur A Alam Dipu (@Dipu1A) | Bug Bounty | 2018-04-25 | 2023-06-13 |
| 4784 | The Unknown Hero-App Logic Bugs | Logic flaw | Canva | Circle Ninja (@circleninja) | Bug Bounty | 2018-04-25 | 2023-06-13 |
| 4783 | How I earned 60K+ from private program | Open redirect, Subdomain takeover, XSS, HTTP parameter pollution | NA | Siva Krishna Samireddi (@le4rner) | Bug Bounty | 2018-04-25 | 2023-06-13 |
| 4780 | #BugBounty — How I was able to bypass firewall to get RCE and then went from server shell to get root user account! | RCE | NA | Avinash Jain (@logicbomb_1) | Bug Bounty | 2018-04-29 | 2023-06-13 |