Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
5121Bypassing Ebay XSS Protection to launch XSS by Nirmal Dahal Reflected XSS Ebay Nirmal Dahal (@TheNittam) Bug Bounty2016-11-182023-06-13
5120Authentication bypass on Ubiquity’s Single Sign-On via subdomain takeover Subdomain takeover Authentication bypass Ubiquity Networks Arne Swinnen (@ArneSwinnen) Bug Bounty2016-11-292023-06-13
5119Atom.io Misconfiguration Allowed Code Execution on Untrusted Networks RCE GitHub Adam Baldwin (@adam_baldwin) Bug Bounty2016-11-302023-06-13
5118The Orphaned Internet – Taking Over 120K Domains via a DNS Vulnerability in AWS, Google Cloud, Rackspace and Digital Ocean Domain takeover Google Amazon Rackspace DigitalOcean Matthew Bryant (@IAmMandatory) Bug Bounty2016-12-052023-06-13
5117IDOR in Facebook%27s Acquisition (Parse) IDOR Meta / Facebook Venkatesh Sivakumar (@pranavvenkats) Bug Bounty2016-12-112023-06-13
5116Cross-site-scripting on one of the largest Dutch franchisors DOM XSS Hema Tijme Gommers (@tijme) Bug Bounty2016-12-202023-06-13
5115Stealing passwords from McDonald%27s users Reflected XSS AngularJS sandbox bypass McDonalds Tijme Gommers (@tijme) Bug Bounty2017-01-092023-06-13
5114How I could have Hacked IIT Guwahati’s website Unrestricted file upload IIT Guwahati Sai Krishna Kothapalli (@kmskrishna) Bug Bounty2017-01-092023-06-13
51130day writeup: XXE in uber.com XXE Uber - Bug Bounty2017-01-242023-06-13
5112How I could have compromised any account on one of the biggest startup based in California Account takeover IDOR Password reset NA Prateek Tiwari (@prateek_0490) Bug Bounty2017-01-282023-06-13
5111I got emails - G Suite Vulnerability Logic flaw Authorization flaw Google Meta / Facebook Yelp Rojan Rijal (@uraniumhacker) Bug Bounty2017-02-022023-06-13
5110Spring Boot RCE RCE SpEL injection Spring Boot NA Tushar (@0xdeadpool) Bug Bounty2017-02-022023-06-13
5109Cross Site Request Forgery in Facebook CSRF Meta / Facebook Zahid Ali Bug Bounty2017-02-042023-06-13
5108Facebook Groups Hack Authorization flaw Logic flaw Meta / Facebook Zahid Ali Bug Bounty2017-02-042023-06-13
5107Type Juggling and PHP Object Injection, and SQLi, Oh My! Type juggling PHP Object Injection Insecure deserialization SQL injection NA Justin Kennedy (@jstnkndy) Bug Bounty2017-02-072023-06-13
5106Bypassed Facebook Phone Number Security Authorization flaw Logic flaw Information disclosure Meta / Facebook Zahid Ali Bug Bounty2017-02-102023-06-13
5105Facebook Account Recovery Form (CONFLICTING) Logic flaw Meta / Facebook Zahid Ali Bug Bounty2017-02-132023-06-13
5104Vulnerabilities in Facebook Login Approval Form Authorization flaw Logic flaw Meta / Facebook Zahid Ali Bug Bounty2017-02-142023-06-13
5103Lightweight markup: a trio of persistent XSS in GitLab Stored XSS GitLab Yasin Soliman (@SecurityYasin) Bug Bounty2017-02-152023-06-13
5102SQL injection in an UPDATE query - a bug bounty story! SQL injection NA Mahmoud Gamal (@Zombiehelp54) Bug Bounty2017-02-172023-06-13
5101From RSS to XXE: feed parsing on Hootsuite XSS XXE Hootsuite Yasin Soliman (@SecurityYasin) Bug Bounty2017-02-172023-06-13
5100How I was able to remove your Instagram Phone number Bruteforce Meta / Facebook Neeraj Sonaniya (@neeraj_sonaniya) Bug Bounty2017-02-202023-06-13
5099How I bypassed State Bank of India OTP. OTP bypass State Bank of India Neeraj Sonaniya (@neeraj_sonaniya) Bug Bounty2017-02-202023-06-13
5098Practical Exploitation of Error Based Sql Injection SQL injection NA Eslam Salem (@net_code) Bug Bounty2017-02-202023-06-13
5097How I got your phone number through Facebook Logic flaw Meta / Facebook Inti De Ceukelaire (@securinti) Bug Bounty2017-02-202023-06-13