Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1912 | Write Up – Private Bug Bounty: Firebase Database Exposed By Misconfiguration – $2,000 USD | Android Insecure Firebase database | NA | Omar Espino (@omespino) | Bug Bounty | 2022-01-17 | 2023-06-13 |
| 1911 | Stealing administrative JWT's through post auth SSRF (CVE-2021-22056) | SSRF CSRF | VMware | Shubham Shah (@infosec_au) | Bug Bounty | 2022-01-17 | 2023-06-13 |
| 1909 | Zooming in on Zero-click Exploits | Memory corruption | Zoom | Natalie Silvanovich (@natashenka) | Bug Bounty | 2022-01-18 | 2023-06-13 |
| 1908 | CVE-2022-21661: Exposing Database Info Via Wordpress SQL Injection | SQL injection | WordPress | ngocnb | Bug Bounty | 2022-01-18 | 2023-06-13 |
| 1907 | Finding vulnerabilities in Swiss Post’s future e-voting system - Part 1 | Insecure deserialization Cryptographic issues | Swiss Post | Ruben Santamarta (@reversemode) | Bug Bounty | 2022-01-18 | 2023-06-13 |
| 1905 | How I messed up my own profile data | Authorization flaw | NA | Himmat Singh | Bug Bounty | 2022-01-20 | 2023-06-13 |
| 1903 | Hashing the Favicon.ico | Information disclosure | NA | Ski Mask (@Ski_Mask0) | Bug Bounty | 2022-01-21 | 2023-06-13 |
| 1902 | Facebook room deep linking vulnerability, allow malicious user to know the code for anyone’s meeting. | Insecure deeplink Android | NA | Quel (@RootIntrud3r) | Bug Bounty | 2022-01-21 | 2023-06-13 |
| 1901 | 120 Days of Frequent Hacking | SSRF LFI Information disclosure XSS SQL injection | NA | Kuldeep Pandya (@kuldeepdotexe) | Bug Bounty | 2022-01-21 | 2023-06-13 |
| 1900 | How I was able to find multiple vulnerabilities of a Symfony Web Framework web application | Debug mode enabled Information disclosure | NA | Abid Ahmad (@RootIntrud3r) | Bug Bounty | 2022-01-23 | 2023-06-13 |
| 1899 | Path Traversal Paradise | Path traversal LFI | NA | Kuldeep Pandya (@kuldeepdotexe) | Bug Bounty | 2022-01-23 | 2023-06-13 |
| 1896 | CVE-2021-44790: Code Execution On Apache Via An Integer Underflow | Memory corruption | Apache | Chamal | Bug Bounty | 2022-01-25 | 2023-06-13 |
| 1894 | How I was able to take over accounts in websites deal with Github as an SSO provider | Bruteforce Lack of rate limiting SSO Email verification bypass Account takeover | NA | Khaled Mohamed | Bug Bounty | 2022-01-25 | 2023-06-13 |
| 1893 | HOW I hacked thousand of subdomains | Subdomain takeover | NA | MoSec (@moe1n1) | Bug Bounty | 2022-01-25 | 2023-06-13 |
| 1890 | CVE-2022-0185 - Winning a $31337 Bounty after Pwning Ubuntu and Escaping Google's KCTF Containers | Container escape Kubernetes bug | Google | Crusaders of Rust (@cor_ctf) | Bug Bounty | 2022-01-25 | 2023-06-13 |
| 1888 | Auth Bypass in ADOdb CVE-2021-3850 | Authentication bypass | NA | Emmet Leah | Bug Bounty | 2022-01-26 | 2023-06-13 |
| 1887 | Technical Analysis of CVE-2022-22583: Bypassing macOS System Integrity Protection (SIP) | MacOS SIP bypass | Apple | Perception Point | Bug Bounty | 2022-01-27 | 2023-06-13 |
| 1886 | CVE-2020-0696 - Microsoft Outlook Security Feature Bypass Vulnerability | URL validation bypass | Microsoft | Reegun Jayapaul (@reegun21) | Bug Bounty | 2022-01-27 | 2023-06-13 |
| 1885 | Stealing administrative JWT's through post auth SSRF (CVE-2021-22056) | Windows Driver hacking Kernel DoS | VMware | Christopher (@Kharosx0) | Bug Bounty | 2022-01-27 | 2023-06-13 |
| 1884 | The Story of an RCE on a Java Web Application | Insecure deserialization | NA | LIL NIX (@Lil__Nix) | Bug Bounty | 2022-01-27 | 2023-06-13 |
| 1882 | The Story of a RCE on a Java Web Application | RCE Insecure deserialization | NA | LIL NIX (@Lil__Nix) | Bug Bounty | 2022-01-28 | 2023-06-13 |
| 1880 | Multiple HTTP Redirects to Bypass SSRF Protections | SSRF | NA | ne555 | Bug Bounty | 2022-01-29 | 2023-06-13 |
| 1879 | Paytm-Broken Link Hijacking | Broken link hijacking | Paytm | Lohith Gowda M (@lohigowda_in) | Bug Bounty | 2022-01-29 | 2023-06-13 |
| 1878 | How I Made $16,500 Hacking CDN Caching Servers — Part 1 | Web cache poisoning Stored XSS Web cache deception | NA | Kevin (@bxmbn) | Bug Bounty | 2022-01-29 | 2023-06-13 |
| 1876 | 2fa Bypass by changing Request method | MFA bypass | NA | Arth Bajpai (@arth_bajpai) | Bug Bounty | 2022-01-30 | 2023-06-13 |