Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3130 | P1: Critical - Discovering and Foiling a Threat Actor | Information disclosure | NA | Jackson Henry (@JacksonHHax) | Bug Bounty | 2020-09-27 | 2023-06-13 |
| 3129 | Taking down the SSO, Account Takeover in the Websites of Kolesa due to Insecure JSONP Call | Account takeover | NA | Yashar Shahinzadeh (@YShahinzadeh) | Bug Bounty | 2020-09-28 | 2023-06-13 |
| 3128 | Public Bucket Allowed Access to Images on Upcoming Google Cloud Blog Posts | GCP bucket misconfiguration, Information disclosure, Cloud | Google | Thomas Orlita (@ThomasOrlita) | Bug Bounty | 2020-09-29 | 2023-06-13 |
| 3127 | The Art of IDOR: 7 IDORs in Edm0d0 | IDOR | Edmodo | Pratyush Anjan Sarangi | Bug Bounty | 2020-09-29 | 2023-06-13 |
| 3126 | RCE on Spip and Root-Me | RCE, SQL injection, XSS, Open redirect, Reflected file download | SPIP | Laluka (@TheLaluka) | Bug Bounty | 2020-09-29 | 2023-06-13 |
| 3125 | Story of a weird vulnerability I found on Facebook | Authentication bypass, Information disclosure | Meta / Facebook | Amine Aboud (@amineaboud) | Bug Bounty | 2020-09-30 | 2023-06-13 |
| 3124 | Write Up – Google Bug Bounty: XSS To Cloud Shell Instance Takeover (Rce As Root) – $5,000 USD | XSS, RCE | Google | Omar Espino (@omespino) | Bug Bounty | 2020-10-01 | 2023-06-13 |
| 3123 | The Powerful HTTP Request Smuggling 💪 | HTTP Request Smuggling | NA | Ricardo Iramar dos Santos (@ricardo_iramar) | Bug Bounty | 2020-10-01 | 2023-06-13 |
| 3122 | Arbitrary code execution on Facebook for Android through download feature | Arbitrary code execution | Meta / Facebook | Sayed Abdelhafiz (@dPhoeniixx) | Bug Bounty | 2020-10-02 | 2023-06-13 |
| 3121 | Journey Of My First Bug Bounty (Nov 2018) | Authentication bypass | Samsung | Harsh Tyagi (@harshtya9i) | Bug Bounty | 2020-10-02 | 2023-06-13 |
| 3120 | Exploiting Payment Gateways | Payment tampering | NA | letmeslidein (@VasuYadaav) | Bug Bounty | 2020-10-03 | 2023-06-13 |
| 3119 | Spend more time doing recon, you’ll find more BUGS. | Reflected XSS, Information disclosure | NA | Vedant Tekale (@_justYnot) | Bug Bounty | 2020-10-03 | 2023-06-13 |
| 3118 | Leveraging LFI to RCE in a website with +20000 users | LFI, RCE | NA | Kleiton Kurti (@kleiton0x7e) | Bug Bounty | 2020-10-04 | 2023-06-13 |
| 3117 | Easy wins : verbose error worth Facebook HOF | Information disclosure | Meta / Facebook | Mukul Lohar (@ironfisto) | Bug Bounty | 2020-10-05 | 2023-06-13 |
| 3116 | Watch your requests! Open redirect to a complete account takeover | Path traversal, Open redirect, SSRF, Account takeover | NA | Suraj Disoja (@ninetyn1ne_) | Bug Bounty | 2020-10-05 | 2023-06-13 |
| 3115 | 90 days, 16 bugs, and an Azure Sphere Challenge | Local privilege escalation, RCE, DoS, Information disclosure | Microsoft | Cisco Talos | Bug Bounty | 2020-10-06 | 2023-06-13 |
| 3114 | Our Experiences Participating in Microsoft’s Azure Sphere Bounty Program | Local privilege escalation, RCE, Security Feature bypass | Microsoft | McAfee Advanced Threat Research (ATR) | Bug Bounty | 2020-10-06 | 2023-06-13 |
| 3113 | Sensitive Info Leak in Curve App [Bug Bounty] | Information disclosure | Curve | ΡRΛSΞUDΟ ® (@praseudo) | Bug Bounty | 2020-10-07 | 2023-06-13 |
| 3112 | 6k$ Worth Account Takeover via IDOR in Starbucks Singapore | IDOR, Account takeover | Starbucks | Kamil Onur Özkaleli (@ko2sec) | Bug Bounty | 2020-10-07 | 2023-06-13 |
| 3111 | Research: The mass CSRFing of *.google.com/* products. | CSRF | Google | Missoum Said (@missoum1307) | Bug Bounty | 2020-10-07 | 2023-06-13 |
| 3109 | We Hacked Apple for 3 Months: Here’s What We Found | RCE, Authentication bypass, Authorization bypass, SSRF, XXE, Blind XSS, IDOR, OS command injection, SQL injection | Apple | Sam Curry (@samwcyo) | Bug Bounty | 2020-10-07 | 2023-06-13 |
| 3108 | Kud I Enter Your Server? New Vulnerabilities in Microsoft Azure | Privilege escalation, RCE, Cloud | Microsoft | Intezer | Bug Bounty | 2020-10-08 | 2023-06-13 |
| 3107 | ATO via Host Header Poisoning | Host header injection, Account takeover, Password reset | NA | Shivam Kamboj Dattana (@sechunt3r) | Bug Bounty | 2020-10-08 | 2023-06-13 |
| 3106 | Exploiting Admin Panel Like a Boss | Authorization bypass, Weak credentials | NA | Shivam Kamboj Dattana (@sechunt3r) | Bug Bounty | 2020-10-08 | 2023-06-13 |
| 3105 | CVE-2018–5230 \| JIRA Cross Site Scripting | Reflected XSS | NA | Paras Arora (@parasarora06) | Bug Bounty | 2020-10-09 | 2023-06-13 |