Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1732 | My First Bug on VDP & BBP - Bug Bounty | Stored XSS | NA | Aditya Singh / rook1337 (@imrook1337) | Bug Bounty | 2022-03-15 | 2023-06-13 |
| 1729 | How I managed to trigger XSS automatically to get critical account takeover | Stored XSS | NA | c4rrilat0r (@c4rrilat0r) | Bug Bounty | 2022-03-15 | 2023-06-13 |
| 1676 | Small bugs are more dangerous than you think | Self-XSS, Stored XSS, Open redirect, CSRF | NA | Liv Matan (@terminatorLM) | Bug Bounty | 2022-04-01 | 2023-06-13 |
| 1596 | [EN] Privileged account creation via Mass Assignment towards a full compromise using a Stored XSS | Stored XSS, Mass assignment, Security code review | pass Culture | Aethlios (@AethliosIK) | Bug Bounty | 2022-04-26 | 2023-06-13 |
| 1550 | Bypassing WAF to Weaponize a Stored XSS | Stored XSS | NA | ne555 | Bug Bounty | 2022-05-17 | 2023-06-13 |
| 1457 | XSS Blind Stored at Asset Domain Android Apps TikTok | Stored XSS | TikTok | Aidil Arief | Bug Bounty | 2022-06-16 | 2023-06-13 |
| 1389 | stored XSS and stored HTML Injection in United Nations Website | XSS, HTML injection | United Nations | Ahmed Hassan | Bug Bounty | 2022-07-08 | 2023-06-13 |
| 1288 | Stored XSS to Account Takeover : Going beyond document.cookie \| Stealing Session Data from IndexedDB | Stored XSS, Account takeover | NA | Syed Mushfik Hasan Tahsin (@SMHTahsin33) | Bug Bounty | 2022-08-02 | 2023-06-13 |
| 1269 | Stored XSS in app.gitbook.com | Stored XSS | GitBook | Mohammad Alfin Hidayatullah (@Alpinbrainsec) | Bug Bounty | 2022-08-08 | 2023-06-13 |
| 1225 | URL filter bypass, RFI and XSS | Stored XSS, RFI | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-08-14 | 2023-06-13 |
| 1035 | Stored XSS in Nvidia via Angular JS template injection | CSTI, Stored XSS | Nvidia | Mohamed Abdelhady | Bug Bounty | 2022-09-25 | 2023-06-13 |
| 1010 | Zoneminder – Web App Testing – Oct 2022 | DoS, Log injection, CSRF, Stored XSS | ZoneMinder | Trenches of IT (@TrenchesofIT) | Bug Bounty | 2022-09-30 | 2023-06-13 |
| 939 | Vulnerabilities in Tenda's W15Ev2 AC1200 Router | OS command injection, Buffer Overflow, Memory corruption, Stored XSS, Authorization flaw, Information disclosure | Tenda | Olivier Laflamme (@olivier_boschko) | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 934 | FabriXss (CVE-2022-35829): How We Managed to Abuse a Custom Role User Using CSTI and Stored XSS in Azure Fabric Explorer | CSTI, Stored XSS | Microsoft | Lidor Ben Shitrit | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 916 | How I Found A Simple Stored XSS | Stored XSS | NA | Raymond Lind | Bug Bounty | 2022-10-24 | 2023-06-13 |
| 914 | 5000$ for Apple Stored Xss And Another Blind Xss Still under review | Blind XSS | Apple | Abdelkader Mouaz (@hamzadzworm) | Bug Bounty | 2022-10-24 | 2023-06-13 |
| 906 | GL.iNET GL-MT300N-V2 Router Vulnerabilities and Hardware Teardown | OS command injection, Arbitrary file read, Information disclosure, Account takeover, Stored XSS, Lack of rate limiting, Weak credentials, Password policy bypass | GL.iNet | Olivier Laflamme (@olivier_boschko) | Bug Bounty | 2022-10-26 | 2023-06-13 |
| 905 | Stored XSS To Cookie Exfiltration | Stored XSS | NA | Raymond Lind | Bug Bounty | 2022-10-26 | 2023-06-13 |
| 868 | Case of Admin Bypass for RCE, XSS, and Information Disclosure | RCE, Unrestricted file upload, Stored XSS, Information disclosure | NA | Sam Paredes (@caffeinevulns) | Bug Bounty | 2022-11-03 | 2023-06-13 |
| 864 | PENTEST TALES: EXIF Data Manipulation | Unrestricted file upload, Stored XSS | NA | Armand Jasharaj | Bug Bounty | 2022-11-05 | 2023-06-13 |
| 803 | How i found 29 stored XSS in modern framework | Stored XSS | NA | Dewanand Vishal (@dewcode91) | Bug Bounty | 2022-11-20 | 2023-06-13 |
| 794 | Interesting Stored XSS via meta data | Stored XSS | NA | Veshraj Ghimire (@GhimireVeshraj) | Bug Bounty | 2022-11-22 | 2023-06-13 |
| 791 | CVE-2021-40662 Chamilo LMS 1.11.14 RCE | Stored XSS, CSRF, RCE | Chamilo LMS | Febin | Bug Bounty | 2021-11-23 | 2023-06-13 |
| 790 | XSS Vulnerability Found in ConnectWise Remote Access Platform With Great Potential For Misuse by Scammers | Stored XSS | ConnectWise | Nati Tal | Bug Bounty | 2022-11-23 | 2023-06-13 |
| 772 | A great weekend hack(worth $8k) | SQL injection, IDOR, Stored XSS | NA | Manas Harsh (@ManasH4rsh) | Bug Bounty | 2022-11-26 | 2023-06-13 |