Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
1390Account Takeover via Response Manipulation Authentication bypass Account takeover MFA bypass HTTP response manipulation NA BUG HUNTER Bug Bounty2022-07-082023-06-13
1386An interesting idor that allowed me to See all projects ($$$$ Bounty) IDOR NA Abdelkader Mouaz (@hamzadzworm) Bug Bounty2022-07-092023-06-13
1385Exploiting SQL Injection at Authorization token SQL injection Account takeover NA Basudev Bug Bounty2022-07-092023-06-13
1384How I earned 200$ in Bug Bounty Program Information disclosure NA Idan Malihi Bug Bounty2022-07-092023-06-13
1381How we have pwned Root-Me in 2022 XSS CSRF RCE SPIP SpawnZii (@SpawnZii) Bug Bounty2022-07-122023-06-13
1379How a Simple IDOR Led Me to Delete Any Account IDOR CSRF NA rajesh.r (@_rajesh_ranjan_) Bug Bounty2022-07-122023-06-13
1378Write Up 1: Hellosign Integration [Full Read SSRF] SSRF NA Soufiane Habti (@wld_basha) Bug Bounty2022-07-122023-06-13
1376CVE-2022-32223 Discovery: DLL Hijacking via npm CLI DLL Hijacking Privilege escalation Node.js Yakir Kadkoda Bug Bounty2022-07-122023-06-13
1375Leveraging the SQL Injection to Execute the XSS by Evading CSP CSP bypass SQL injection XSS NA Nirmal Dahal (@TheNittam) Bug Bounty2022-07-122023-06-13
1373CVE-2022-29885 - Don%27t Open That Port - A Denial Of Service vulnerability on Apache Tomcat Cluster Service Listener DoS Internet Bug Bounty void (@voidz0r) Bug Bounty2022-07-132023-06-13
1372Hacking on a Private Program (Salseforce crm) RCE OS command injection NA Maruf Hosan (@thinkermaruff) Bug Bounty2022-07-132023-06-13
1371Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 Local Privilege Escalation Apple Microsoft 365 Defender Research Team Bug Bounty2022-07-132023-06-13
1369From Open Redirect to Reflected XSS manually Open redirect Reflected XSS NA Rodric Bug Bounty2022-07-142023-06-13
1368CVE-2022-30136: Microsoft Windows Network File System V4 Remote Code Execution Vulnerability RCE DoS Memory corruption Microsoft Yuki Chen (@guhe120) Bug Bounty2022-07-142023-06-13
1367Abusing URL Shortners for fun and profit Information disclosure Account takeover IDOR NA Sicksec (@OriginalSicksec) Bug Bounty2022-07-142023-06-13
1365Exploiting Arbitrary Object Instantiations in PHP without Custom Classes RCE Arbitrary Object Instantiation Bruteforce LDAP injection NA Arseniy Sharoglazov (@_mohemiv) Bug Bounty2022-07-142023-06-13
1362Exploiting Arbitrary Object Instantiations in PHP without Custom Classes Lack of rate limiting Privilege escalation IDOR Account takeover NA Muhammad Talha / evilmango Bug Bounty2022-07-152023-06-13
1361Good Recon Leads To Senssitive Accounts Information disclosure Username enumeration NA Milanjain Bug Bounty2022-07-152023-06-13
1359Authorization token leak from verify email endpoint Account takeover Information disclosure NA Vengeance Bug Bounty2022-07-162023-06-13
1358First Bug Bounty from DOS: Taking the service down DoS NA Faique (@imfaiqu3) Bug Bounty2022-07-162023-06-13
1357Business logic error Logic flaw NA anjaneyulu kanakatla Bug Bounty2022-07-162023-06-13
1356Subdomain takeover and Text injection on a 404 error page-$100 bounty Subdomain takeover NA Jeewan Bhatta (@thenullkid) Bug Bounty2022-07-162023-06-13
1355CRLF to Account takeover (chaining bugs) CRLF injection XSS Account takeover NA MoSec (@moe1n1) Bug Bounty2022-07-162023-06-13
1354Going beyond Alert with XSS XSS Account takeover NA pipsh Bug Bounty2022-07-162023-06-13
1353A Story Of My First Bug Bounty Information disclosure NA Raj Qureshi (@RajQureshi9) Bug Bounty2022-07-172023-06-13