Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3031 | Account takeover through password reset | Account takeover, Password reset | NA | Omar Hamdy (@seaman00o) | Bug Bounty | 2020-11-14 | 2023-06-13 |
| 3028 | Weak Cryptography to Account Takeover’s | Cryptographic issues, Account takeover, IDOR | NA | letmeslidein (@VasuYadaav) | Bug Bounty | 2020-11-15 | 2023-06-13 |
| 3019 | Tale of 3 vulnerabilities to account takeover! | SSRF, Account takeover | NA | Avinash Jain (@logicbomb_1) | Bug Bounty | 2020-11-17 | 2023-06-13 |
| 3009 | Escalating XSS to Account Takeover | Reflected XSS, Account takeover | NA | Aditya Verma (@0cirius0) | Bug Bounty | 2020-11-22 | 2023-06-13 |
| 3003 | Pre-Account Takeover using OAuth Misconfiguration | OAuth | NA | the_unluck_guy (@7he_unlucky_guy) | Bug Bounty | 2020-11-26 | 2023-06-13 |
| 3000 | Bcrypt — Account TakeOver Due To Weak Encryption — #HR51KDB | Information disclosure, Account takeover | NA | DarkLotus (@darklotuskdb) | Bug Bounty | 2020-11-29 | 2023-06-13 |
| 2995 | Chaining vulnerabilities lead to account takeover | Account takeover, Password reset, Open redirect, Lack of rate limiting | NA | Ahmed (@ahzsec) | Bug Bounty | 2020-12-01 | 2023-06-13 |
| 2982 | Story of the best vulnerability I’ve found so far… | Self-XSS, Blind XSS, Account takeover | NA | Vedant Tekale (@_justYnot) | Bug Bounty | 2020-12-07 | 2023-06-13 |
| 2973 | Exploiting new-era of Request forgery on mobile applications | CSRF, Account takeover | Pinterest | Sayed Abdelhafiz (@dPhoeniixx) | Bug Bounty | 2020-12-11 | 2023-06-13 |
| 2970 | How I hacked Facebook: Part One | Missing authentication, Authentication bypass, Account takeover | Meta / Facebook | Alaa Abdulridha (@alaa0x2) | Bug Bounty | 2020-12-11 | 2023-06-13 |
| 2965 | TikTok Careers Portal Account Takeover | CSRF, Open redirect, Account takeover | TikTok | Lauritz Holtmann (@_lauritz_) | Bug Bounty | 2020-12-15 | 2023-06-13 |
| 2958 | Broken Access Control on samsung.com subdomain leads to Mass Account Takeover of Samsung employees application accounts | Information disclosure, Account takeover, Authorization flaw | Samsung | Gal Nagli (@naglinagli) | Bug Bounty | 2020-12-18 | 2023-06-13 |
| 2948 | EN \| Account Takeover via Web Cache Poisoning based Reflected XSS | Reflected XSS, Web cache poisoning, Account takeover | NA | Lütfü Mert Ceylan (@lutfumertceylan) | Bug Bounty | 2020-12-26 | 2023-06-13 |
| 2945 | Chaining CORS by Reflected xss to Account takeover #My first Blog | CORS misconfiguration, Reflected XSS, Account takeover | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2020-12-26 | 2023-06-13 |
| 2919 | Github Organization Takeover By Claiming Owner Invitation | Account takeover, Logic flaw | GitHub | Abss (@absshax) | Bug Bounty | 2021-01-07 | 2023-06-13 |
| 2889 | My first and last crit of 2020 on Hackerone | Lack of rate limiting, Bruteforce, IDOR, Password reset, Account takeover | NA | Takester (@dhiraj_ramteke) | Bug Bounty | 2021-01-16 | 2023-06-13 |
| 2888 | Strange Admin Panel Bypass Story \| \| Bug Bounty | Authentication bypass, Account takeover | NA | Ranjeet Kumar Singh (@geekboyranjeet) | Bug Bounty | 2021-01-17 | 2023-06-13 |
| 2869 | Chaining a self XSS to Account Takeover | Self-XSS, Reflected XSS, Account takeover | NA | Arman Sameer (@ArmanSameer95) | Bug Bounty | 2021-01-25 | 2023-06-13 |
| 2861 | Weird functionality leads to Account Takeover (Millions of Users affected) | Account takeover, Authentication flaw | NA | Sahil Mehra (@nullr3x) | Bug Bounty | 2021-01-27 | 2023-06-13 |
| 2858 | OTP Bypass Account Takeover to Admin Panel — Ft. Header Injection | OTP bypass, Account takeover | NA | Avinash Jain (@logicbomb_1) | Bug Bounty | 2021-01-28 | 2023-06-13 |
| 2852 | How I chained P4 To P2 [Open Redirection To Full Account Takeover] | Open redirect, Account takeover | NA | Bishal Shrestha (@bishal0x01) | Bug Bounty | 2021-01-30 | 2023-06-13 |
| 2850 | An Interesting Account Takeover Vulnerability | IDOR, Account takeover | NA | Avanish Pathak (@avanish46) | Bug Bounty | 2021-01-30 | 2023-06-13 |
| 2848 | An Account Takeover Vulnerability Due to Response Manipulation. | Authentication bypass, Account takeover | NA | Avanish Pathak (@avanish46) | Bug Bounty | 2021-01-31 | 2023-06-13 |
| 2840 | How I was able to Turn a XSS into a Account Takeover | Web cache poisoning, Stored XSS, Account takeover, OAuth, Logic flaw | NA | Josh Fam (@Pullerze) | Bug Bounty | 2021-02-03 | 2023-06-13 |
| 2828 | Duplicate Registration - The Twinning Twins | Account takeover, Authentication flaw | NA | Jerry Shah (@Jerry) | Bug Bounty | 2021-02-08 | 2023-06-13 |