Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3268 | The Noob Way Of Taking Over Accounts | Authorization flaw, Account takeover, Homograph attack | NA | Mudassir Sharief | Bug Bounty | 2020-07-29 | 2023-06-13 |
| 3255 | Multi-factor Auth Bypass with Password Reset Function | MFA bypass, Password reset, Account takeover | NA | Vaibhav Joshi (@vj0shii) | Bug Bounty | 2020-08-02 | 2023-06-13 |
| 3252 | Account takeover in cups.mail.ru | Logic flaw, Password reset, Account takeover | Mail.ru | kminthein / weev3 (@kyawminthein99) | Bug Bounty | 2020-08-03 | 2023-06-13 |
| 3251 | Vulnerability in new TouchID feature put iCloud accounts at risk of being breached | OAuth, Account takeover | Apple | Thijs Alkemade (@xnyhps) | Bug Bounty | 2020-08-03 | 2023-06-13 |
| 3249 | How I was able to do Mass Account Takeover[Bug Bounty] | Account takeover, Password reset | NA | Not Rickyy (@RickyyNot) | Bug Bounty | 2020-08-05 | 2023-06-13 |
| 3240 | Exploiting JWT - Lack of Signature Verification | Account takeover | NA | Aditya Dixit (@zombie007o) | Bug Bounty | 2020-08-06 | 2023-06-13 |
| 3209 | Account Takeover Using Re-Register [ Bug Bounty ] | Account takeover | NA | Myo Min Thu (@myominthu1337) | Bug Bounty | 2020-08-17 | 2023-06-13 |
| 3193 | Account Takeover For The Win 🏆 | Account takeover, Authentication flaw, Password reset | NA | Ricardo Iramar dos Santos (@ricardo_iramar) | Bug Bounty | 2020-08-24 | 2023-06-13 |
| 3176 | Account Takeover via IDOR | IDOR, Account takeover | NA | Roma Ramazanoff (@r0hack) | Bug Bounty | 2020-09-04 | 2023-06-13 |
| 3173 | Never Give Up, The Story Behind a Dupe-To-Triaged XSS | OAuth, Account takeover | NA | Alan Brian (@soyelmago) | Bug Bounty | 2020-09-06 | 2023-06-13 |
| 3160 | Account takeover by OTP bypass | OTP bypass | NA | Bhavarth Kandoria | Bug Bounty | 2020-09-13 | 2023-06-13 |
| 3152 | Privilege Escalation via Account Takeover on NodeBB Forum Software — Bug Bounty (512$) — CVE-2020–15149 | IDOR, Account takeover | NodeBB | Muhammed Eren Uygun (@erenuyguun) | Bug Bounty | 2020-09-19 | 2023-06-13 |
| 3136 | PII Leakage via IDOR + Weak PasswordReset = Full Account Takeover | IDOR, Information disclosure | NA | Pradeep Kumar (@Killer007p) | Bug Bounty | 2020-09-25 | 2023-06-13 |
| 3131 | 5 Ways to do Account Takeover in a Single Website | Account takeover, Lack of rate limiting, OTP bypass, IDOR, OAuth, JWT | NA | letmeslidein (@VasuYadaav) | Bug Bounty | 2020-09-27 | 2023-06-13 |
| 3129 | Taking down the SSO, Account Takeover in the Websites of Kolesa due to Insecure JSONP Call | Account takeover | NA | Yashar Shahinzadeh (@YShahinzadeh) | Bug Bounty | 2020-09-28 | 2023-06-13 |
| 3116 | Watch your requests! Open redirect to a complete account takeover | Path traversal, Open redirect, SSRF, Account takeover | NA | Suraj Disoja (@ninetyn1ne_) | Bug Bounty | 2020-10-05 | 2023-06-13 |
| 3112 | 6k$ Worth Account Takeover via IDOR in Starbucks Singapore | IDOR, Account takeover | Starbucks | Kamil Onur Özkaleli (@ko2sec) | Bug Bounty | 2020-10-07 | 2023-06-13 |
| 3107 | ATO via Host Header Poisoning | Host header injection, Account takeover, Password reset | NA | Shivam Kamboj Dattana (@sechunt3r) | Bug Bounty | 2020-10-08 | 2023-06-13 |
| 3101 | Unauthorized access to all the user’s account. | Account takeover, Authentication bypass, JWT | NA | Rahul Naidu | Bug Bounty | 2020-10-12 | 2023-06-13 |
| 3091 | GitHub Gist - Account takeover via open redirect - $10,000 Bounty | Open redirect, Account takeover | GitHub | William Bowling / vakzz (@wcbowling) | Bug Bounty | 2020-10-19 | 2023-06-13 |
| 3056 | From a 500 error to Django admin takeover | Authorization bypass, Account takeover | NA | Shashank (@cyberboyIndia) | Bug Bounty | 2020-11-03 | 2023-06-13 |
| 3052 | Story of a Pre-Account Takeover | Account takeover, OAuth | NA | Kushal Dhakal (@dhakal0kushal) | Bug Bounty | 2020-11-06 | 2023-06-13 |
| 3049 | How i could take over any Account on a USA Department of Defense Website due to a simple IDOR | IDOR, Account takeover | U.S. Dept Of Defense | Gal Nagli (@naglinagli) | Bug Bounty | 2020-11-07 | 2023-06-13 |
| 3045 | Chaining password reset link poisoning, IDOR, and information leakage to achieve account takeover at api.redacted.com | HTTP header injection | NA | Jadek Mark (@mase289) | Bug Bounty | 2020-11-10 | 2023-06-13 |
| 3032 | Theoretically Possible To Practical Account Takeover | IDOR, Account takeover | NA | Mukul Lohar (@ironfisto) | Bug Bounty | 2020-11-14 | 2023-06-13 |