Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1519 | How an Open Redirection Leads to an Account Takeover? | Open redirect, Account takeover | NA | Mahendra Purbia (@Mah3Sec_) | Bug Bounty | 2022-05-26 | 2023-06-13 |
| 1518 | Social Media Take Over = Easy Money | Broken link hijacking | NA | Jesse Clark (@Hogarth45_) | Bug Bounty | 2022-05-26 | 2023-06-13 |
| 1517 | DNN CMS Server-Side Request Forgery (CVE-2021-40186) | SSRF, Security code review | DNN (DotNetNuke) | Appcheck NG | Bug Bounty | 2022-05-26 | 2023-06-13 |
| 1516 | Bygone Vulnerabilities - Remote Code Execution in IBM Lotus SameTime Clients (CVE-2013-0553) | XSS, RCE | IBM | Brian (@hoyahaxa) | Bug Bounty | 2022-05-27 | 2023-06-13 |
| 1514 | Weird Email Verification Bypass | Email verification bypass | NA | Vaibhav Atkale | Bug Bounty | 2022-05-28 | 2023-06-13 |
| 1512 | Exploiting iOS app for fun and profit | Account takeover, Information disclosure | NA | Bijan Murmu (@0xbijan) | Bug Bounty | 2022-05-29 | 2023-06-13 |
| 1511 | External Authentication bypass in ingress-nginx | Path traversal, Authentication bypass | Kubernetes | Niemiec Marcin (@xvnpw) | Bug Bounty | 2022-05-29 | 2023-06-13 |
| 1510 | DOMAIN ADMIN Compromise in 3 HOURS | Default credentials | NA | popalltheshells | Bug Bounty | 2022-05-29 | 2023-06-13 |
| 1508 | How to find & access Admin Panel by digging into JS files…🥰 | Weak credentials, WAF bypass | NA | Ratnadip Gajbhiye (@scspcommunity) | Bug Bounty | 2022-05-30 | 2023-06-13 |
| 1505 | SQL injection to Remote Command Execution (RCE) | SQL injection, RCE | NA | Kwadwo Amoako | Bug Bounty | 2022-05-31 | 2023-06-13 |
| 1504 | How I found a GoldMine but got No Gold | Old components with known vulnerabilities | NA | Muhammad Abdullah | Bug Bounty | 2022-06-01 | 2023-06-13 |
| 1500 | How Attacker could have suffocated the company staff | Default credentials | NA | Muhammad Abdullah | Bug Bounty | 2022-06-05 | 2023-06-13 |
| 1499 | If It’s a Feature!!! Let’s Abuse It for $750 | CSRF | NA | Shakti Mohanty (@3ncryptSaan) | Bug Bounty | 2022-06-05 | 2023-06-13 |
| 1498 | Ivanti EPM Remote Code Execution | RCE, Components with known vulnerabilities | NA | Nick Berrie (@machevalia) | Bug Bounty | 2022-06-05 | 2023-06-13 |
| 1497 | Another vision for SSRF | SSRF | NA | phor3nsic (@phor3nsic_br) | Bug Bounty | 2022-06-06 | 2023-06-13 |
| 1493 | CVE-2022-26937: Microsoft Windows Network File System NLM Portmap Stack Buffer Overflow | Buffer Overflow, Memory corruption | Microsoft | Yuki Chen (@guhe120) | Bug Bounty | 2022-06-08 | 2023-06-13 |
| 1491 | Account Takeover by Chaining Two IDORs | IDOR, Account takeover | NA | Demon (@R29k_) | Bug Bounty | 2022-06-08 | 2023-06-13 |
| 1490 | Extracting Clear-Text Credentials Directly From Chromium’s Memory | Browser hacking | Google (Chromium) | Zeev Ben Porat | Bug Bounty | 2022-06-08 | 2023-06-13 |
| 1489 | De-Anonymization attacks against Proton services | Privacy issue, Information disclosure, HTML injection, Local Privilege Escalation | Proton AG | Ruben Santamarta (@reversemode) | Bug Bounty | 2022-06-08 | 2023-06-13 |
| 1488 | Denial of Service Vulnerability in Envoy Proxy – CVE-2022-29225 | Zip bomb, DoS | Envoy | JFrog Security Research Team (@JFrogSecurity) | Bug Bounty | 2022-06-09 | 2023-06-13 |
| 1485 | CVE-2022-1040 Sophos XG Firewall Authentication bypass | Authentication bypass, RCE | Sophos | Nguyễn Đình Biển (@biennd279) | Bug Bounty | 2022-06-09 | 2023-06-13 |
| 1483 | My first CVE-2022–31289 | Authentication bypass, 403 bypass, HTTP response manipulation | Sonatype | Praveen Mali (@pmmali_) | Bug Bounty | 2022-06-11 | 2023-06-13 |
| 1482 | ed25519-unsafe-libs | Cryptographic issues | NA | Konstantinos Chalkias | Bug Bounty | 2022-06-11 | 2023-06-13 |
| 1480 | From blind SSRF to localhost dirbusting and asset enumeration | SSRF | NA | Jovan Šikanja (@joshibeast) | Bug Bounty | 2022-06-11 | 2023-06-13 |
| 1477 | Hacking 6.5+ million websites => CVE-2022-29455 (Elementor) | XSS | NA | Rotem Bar (@rotembar) | Bug Bounty | 2022-06-12 | 2023-06-13 |