Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1647 | How a YouTube Video lead to pwning a web application via SQL Injection worth $4324 bounty | SQL injection | NA | Vishal Saini (@k4k4r07) | Bug Bounty | 2022-04-08 | 2023-06-13 |
| 1645 | Securing Easy Appointments and earning CVE-2022-0482 | Broken Access Control | Easy!Appointments | Francesco Carlucci (@francecarlucci) | Bug Bounty | 2022-04-09 | 2023-06-13 |
| 1642 | The #100DaysOfHacking Challenge : A Game Changer for Me | IDOR | NA | Najam Ul Saqib (@NjmUlSqb) | Bug Bounty | 2022-04-10 | 2023-06-13 |
| 1640 | SVG SSRFs and saga of bypasses | SSRF, HTML injection | NA | Preetham Bomma (@cyber01_) | Bug Bounty | 2022-04-11 | 2023-06-13 |
| 1636 | XSS - The LocalStorage Robbery | XSS | NA | Jerry Shah (@Jerry) | Bug Bounty | 2022-04-12 | 2023-06-13 |
| 1635 | CVE-2022-24527: Microsoft Connected Cache Local Privilege Escalation (Fixed) | Local Privilege Escalation | Microsoft | Jacob Baines (@Junior_Baines) | Bug Bounty | 2022-04-12 | 2023-06-13 |
| 1633 | CVE-2022-25165: Privilege Escalation to SYSTEM in AWS VPN Client | Local Privilege Escalation | AWS | Rhino Security Labs (@RhinoSecurity) | Bug Bounty | 2022-04-12 | 2023-06-13 |
| 1628 | MY First Bug In Hackerone | Information disclosure | NA | anjaneyulu kanakatla | Bug Bounty | 2022-04-14 | 2023-06-13 |
| 1627 | Bypass Rate Limit — A blank space leads to this random encounter! | Password reset, Rate limiting bypass | NA | Roxst4r (@mveswar98) | Bug Bounty | 2022-04-14 | 2023-06-13 |
| 1622 | CVE-2022-26133 - Bitbucket Data Center - Java Deserialization Vulnerability | Insecure deserialization | Atlassian | Benny Jacob (@bennyyjacob) | Bug Bounty | 2022-04-14 | 2023-06-13 |
| 1621 | Prototype Pollution in fast-xml-parser | Prototype pollution | NA | Sudhanshu Rajbhar (@sudhanshur705) | Bug Bounty | 2022-04-14 | 2023-06-13 |
| 1620 | Crazy Simple Insecure Design & 300$ Bounty! | IP grabbing | NA | Saransh Saraf (@mr23r0) | Bug Bounty | 2022-04-15 | 2023-06-13 |
| 1615 | Full Account Takeover via Open Redirection | Open redirect, Token leak, Account takeover, OAuth | NA | vFlexo (@vflexo) | Bug Bounty | 2022-04-17 | 2023-06-13 |
| 1612 | Palisade identifies Wormable Cross-Site Scripting Vulnerability affecting Rarible’s NFT Marketplace | XSS | Rarible | Palissade (@PalisadeLLC) | Bug Bounty | 2022-04-18 | 2023-06-13 |
| 1611 | Adobe Acrobat hollowing out same-origin policy | XSS, SOP bypass, Open redirect, postMessage | Adobe | Wladimir Palant (@WPalant) | Bug Bounty | 2022-04-19 | 2023-06-13 |
| 1609 | CVE-2022-21449: Psychic Signatures in Java | Signature bypass, Cryptographic issues | Oracle | Neil Madden (@neilmaddog) | Bug Bounty | 2022-04-19 | 2023-06-13 |
| 1608 | Exploiting a File Upload Vulnerability — A Directory Traversal Attack | Unrestricted file upload, Path traversal | NA | Kwadwo Amoako | Bug Bounty | 2022-04-20 | 2023-06-13 |
| 1607 | Gaining Unlimited access to graph AuditLogs endpoint using complex filters with non-privileged user account | Information disclosure, Privilege escalation | Microsoft | Joosua Santasalo (@SantasaloJoosua) | Bug Bounty | 2022-04-21 | 2023-06-13 |
| 1605 | Smashing the Modern Web Tech Stack — Part 1: The Evolving Threat Landscape in 2022 and DOM-based XSS in Cloud-Native React Apps. | Open redirect, XSS | NA | MalwareJoe | Bug Bounty | 2022-04-21 | 2023-06-13 |
| 1604 | Security issues with cloudflare/odoh-server-go and the ODoH RFC draft | SSRF | Cloudflare | Frans Rosén (@fransrosen) | Bug Bounty | 2022-04-21 | 2023-06-13 |
| 1603 | Adventures Into The MeowCorp Bug Bounty Program | Information disclosure, Weak credentials, SSRF, .git folder disclosure, RCE | NA | Nirmal Thapa (@tnirmalz) | Bug Bounty | 2022-04-21 | 2023-06-13 |
| 1602 | How I Bypassed 2FA while Resetting Password | MFA bypass, Password reset | NA | Sufiyan Gouri (@gouri_sufyan) | Bug Bounty | 2022-04-23 | 2023-06-13 |
| 1600 | EJS, Server side template injection RCE (CVE-2022-29078) - writeup | SSTI, RCE | ejs, NetApp | Eslam Salem (@net_code) | Bug Bounty | 2022-04-23 | 2023-06-13 |
| 1598 | Fuzzing and credentials leakage..awesome bug hunting writeup | Hardcoded credentials, Information disclosure | NA | Abdalrahman Alshammas | Bug Bounty | 2022-04-25 | 2023-06-13 |
| 1594 | Bypassing WAF for $2222 | WAF bypass, Path traversal | NA | Divyansh Sharma | Bug Bounty | 2022-04-27 | 2023-06-13 |