Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3155 | Dropbox Escalation of Privileges to SYSTEM on Windows | Local Privilege Escalation | Dropbox | Teresa Alberto | Bug Bounty | 2020-09-17 | 2023-06-13 |
| 3154 | My First Bug Bounty From Bug Bounty Platform redstorm.io | CSRF | RedStorm | Novan Aziz Ramadhan (@novan_rmd) | Bug Bounty | 2020-09-17 | 2023-06-13 |
| 3153 | Reflected XSS via a hidden parameter on Dutch Gov. website | Reflected XSS | Dutch Government | Supras (@LdrTom) | Bug Bounty | 2020-09-19 | 2023-06-13 |
| 3152 | Privilege Escalation via Account Takeover on NodeBB Forum Software — Bug Bounty (512$) — CVE-2020–15149 | IDOR, Account takeover | NodeBB | Muhammed Eren Uygun (@erenuyguun) | Bug Bounty | 2020-09-19 | 2023-06-13 |
| 3151 | CVE-2020-9964 - An iOS infoleak | iOS, Memory initialisation issue | Apple | Muirey03 (@Muirey03) | Bug Bounty | 2020-09-19 | 2023-06-13 |
| 3150 | Emoji error handling | SQL injection | NA | shesha sai_c (@Cyb3r_4ss4s1n) | Bug Bounty | 2020-09-19 | 2023-06-13 |
| 3149 | Remote code execution in import image task via storage bucket squatting | RCE | Google | Anthony Weems | Bug Bounty | 2020-09-19 | 2023-06-13 |
| 3148 | You can’t stop me. MS Teams session hijacking and bypass | Insecure storage of sensitive information | Microsoft | Bandit Pingu (@FlyingPhishy) | Bug Bounty | 2020-09-20 | 2023-06-13 |
| 3147 | Cross-tenant Cloud Function compromise via storage bucket squatting | Cross-tenant vulnerability | Google | Anthony Weems | Bug Bounty | 2020-09-20 | 2023-06-13 |
| 3146 | How I By-pass the login page and 2FA authentication….. | Authentication bypass, OTP bypass, MFA bypass | NA | Harsh | Bug Bounty | 2020-09-20 | 2023-06-13 |
| 3145 | $25K Instagram Almost XSS Filter Link — Facebook Bug Bounty | Stored XSS | Meta / Facebook | Andres Alonso (@al0nnso) | Bug Bounty | 2020-09-20 | 2023-06-13 |
| 3144 | How I earned $500 from Google - Flaw in Authentication | Authentication flaw | Google | Hemant Patidar (@HemantSolo) | Bug Bounty | 2020-09-20 | 2023-06-13 |
| 3143 | Unauthenticated File upload Vulnerability on Synology Sub-domain | Unrestricted file upload | Synology | Touhid Shaikh | Bug Bounty | 2020-09-20 | 2023-06-13 |
| 3142 | suPHP - The vulnerable ghost in your shell | Local Privilege Escalation | NA | Maxime (@punkeel) | Bug Bounty | 2020-09-21 | 2023-06-13 |
| 3141 | suPHP - The vulnerable ghost in your shell🎯Business Logic Flaw in Google Acquisition! (Hall Of Fame)🎯 | Logic flaw | Google | Ritesh Gohil (@RiteshG37659480) | Bug Bounty | 2020-09-21 | 2023-06-13 |
| 3140 | Fun with Header and Forget Password | HTTP header injection | NA | Vuk Ivanovic | Bug Bounty | 2020-09-22 | 2023-06-13 |
| 3139 | #Bugbounty- “How I was able to see other users Payments in a travel application” — IDOR #800$ | IDOR, Information disclosure | NA | ganiganesh (@ganiganeshss79) | Bug Bounty | 2020-09-22 | 2023-06-13 |
| 3138 | VMware Workstation: Attack surface through Virtual Printer | Memory corruption, Integer overflow | VMware | Lê Hữu Quang Linh (@linhlhq) | Bug Bounty | 2020-09-23 | 2023-06-13 |
| 3137 | Dangling DNS: AWS EC2 | Dangling DNS records, Subdomain takeover | NA | Mohamed Elbadry (@_melbadry9) | Bug Bounty | 2020-09-24 | 2023-06-13 |
| 3136 | PII Leakage via IDOR + Weak PasswordReset = Full Account Takeover | IDOR, Information disclosure | NA | Pradeep Kumar (@Killer007p) | Bug Bounty | 2020-09-25 | 2023-06-13 |
| 3135 | Advisory: security issues in AWS KMS and AWS Encryption SDKs | Cryptographic issues, Information disclosure | AWS | Thai Duong (@XorNinja) | Bug Bounty | 2020-09-25 | 2023-06-13 |
| 3134 | Parameter Tampering ₹→$ | Parameter tampering | NA | SuneetSingh | Bug Bounty | 2020-09-26 | 2023-06-13 |
| 3133 | Hacking the Medium partner program | Logic flaw | Medium | Mohammad-Ali Bandzar | Bug Bounty | 2020-09-26 | 2023-06-13 |
| 3132 | Chains on Chains: Chaining multiple low-level vulns into a Critical. | Blind XSS, CSP bypass, Lack of rate limiting, Exposed JWT generation endpoint, JWT | NA | Daniel Marte (@Masonhck3571) | Bug Bounty | 2020-09-26 | 2023-06-13 |
| 3131 | 5 Ways to do Account Takeover in a Single Website | Account takeover, Lack of rate limiting, OTP bypass, IDOR, OAuth, JWT | NA | letmeslidein (@VasuYadaav) | Bug Bounty | 2020-09-27 | 2023-06-13 |