Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3051 | Attack of the clones: Git clients remote code execution | RCE | GitHub | Vitor Fernandes (@Rapt00rVF) | Bug Bounty | 2020-11-06 | 2023-06-13 |
| 3049 | How i could take over any Account on a USA Department of Defense Website due to a simple IDOR | IDOR, Account takeover | U.S. Dept Of Defense | Gal Nagli (@naglinagli) | Bug Bounty | 2020-11-07 | 2023-06-13 |
| 3048 | Silver Peak Unity Orchestrator RCE | RCE, Authentication bypass, Path traversal, SQL injection | Silver Peak | Realmode Labs (@RealmodeLabs) | Bug Bounty | 2020-11-08 | 2023-06-13 |
| 3046 | Firefox for Android: LAN-Based Intent Triggering | Insecure intent, Android | Mozilla | initstring (@init_string) | Bug Bounty | 2020-11-10 | 2023-06-13 |
| 3045 | Chaining password reset link poisoning, IDOR, and information leakage to achieve account takeover at api.redacted.com | HTTP header injection | NA | Jadek Mark (@mase289) | Bug Bounty | 2020-11-10 | 2023-06-13 |
| 3044 | SSRF (Server Side Request Forgery) worth $4,913 \| My Highest Bounty Ever ! | SSRF | Dropbox | Sayaan Alam (@ehsayaan) | Bug Bounty | 2020-11-10 | 2023-06-13 |
| 3043 | 31k$ SSRF in Google Cloud Monitoring led to metadata exposure | SSRF | Google | David Nechuta (@david_nechuta) | Bug Bounty | 2020-11-10 | 2023-06-13 |
| 3042 | id.atlassian.com Username enumeration | Username enumeration | Atlassian | Denis Andzakovic | Bug Bounty | 2020-11-11 | 2023-06-13 |
| 3041 | Local Privilege Escalation Vulnerability Discovered in VMware Fusion | Local Privilege Escalation | VMware | Rich Mirch (@0xm1rch) | Bug Bounty | 2020-11-11 | 2023-06-13 |
| 3040 | Evernote: Universal-XSS, theft of all cookies from all sites, and more | Universal XSS | Evernote | Oversecured (@OversecuredInc) | Bug Bounty | 2020-11-12 | 2023-06-13 |
| 3039 | Evading Filters to perform the Arbitrary URL Redirection Attack | Open redirect | NA | Harsh Bothra (@harshbothra_) | Bug Bounty | 2020-11-12 | 2023-06-13 |
| 3038 | User’s private watched videos/saved videos exposed through a messenger call from a locked smartphone. | Information disclosure, Authorization flaw | Meta / Facebook | Samip Aryal (@samiparyal_) | Bug Bounty | 2020-11-13 | 2023-06-13 |
| 3037 | How a simple bug in Facebook Lite let me win my first bug bounty from Facebook | Information disclosure | Meta / Facebook | Samip Aryal (@samiparyal_) | Bug Bounty | 2020-11-13 | 2023-06-13 |
| 3036 | Interesting case of SQLi | SQL injection | NA | Nikhil (niks) (@niksthehacker) | Bug Bounty | 2020-11-13 | 2023-06-13 |
| 3035 | How I Found The Facebook Messenger Leaking Access Token Of Million Users | Information disclosure | Meta / Facebook | Guhan Raja (@havocgwen) | Bug Bounty | 2020-11-13 | 2023-06-13 |
| 3034 | Smuggling an (Un)exploitable XSS | HTTP Request Smuggling, XSS | NA | Julien Ahrens (@MrTuxracer) | Bug Bounty | 2020-11-13 | 2023-06-13 |
| 3033 | Replying Comments On Someone’s LiveStream From Page is Posted as Personal Identity | Logic flaw | Meta / Facebook | Prakash Panta (@Prakashpanta268) | Bug Bounty | 2020-11-13 | 2023-06-13 |
| 3032 | Theoretically Possible To Practical Account Takeover | IDOR, Account takeover | NA | Mukul Lohar (@ironfisto) | Bug Bounty | 2020-11-14 | 2023-06-13 |
| 3031 | Account takeover through password reset | Account takeover, Password reset | NA | Omar Hamdy (@seaman00o) | Bug Bounty | 2020-11-14 | 2023-06-13 |
| 3030 | SD-PWN Part 2 — Citrix SD-WAN Center — Another Network Takeover | RCE, Authentication bypass, Path traversal, OS command injection, Local Privilege Escalation | Citrix Systems | Realmode Labs (@RealmodeLabs) | Bug Bounty | 2020-11-15 | 2023-06-13 |
| 3029 | Exploiting API with AuthToken | Token leak, Information disclosure | NA | Rafi Ahamed (Leonidas D. Ace) | Bug Bounty | 2020-11-15 | 2023-06-13 |
| 3028 | Weak Cryptography to Account Takeover’s | Cryptographic issues, Account takeover, IDOR | NA | letmeslidein (@VasuYadaav) | Bug Bounty | 2020-11-15 | 2023-06-13 |
| 3027 | Microsoft Bug Bounty Writeup – Stored XSS Vulnerability | Stored XSS | Microsoft | Pethuraj (@Pethuraj) | Bug Bounty | 2020-11-15 | 2023-06-13 |
| 3026 | Optimizing Hunting Results in VDP for use in Bug Bounty Programs - From Sensitive Information Disclosure to Accessing Hidden APIs which can be used to Retrieve Customer Data | Information disclosure, Broken access control, IDOR, SQL injection | NA | YoKo Kho (@YokoAcc) | Bug Bounty | 2020-11-15 | 2023-06-13 |
| 3025 | RCE via Server-Side Template Injection | SSTI, RCE | NA | Gaurav Mishra (@gmishra010) | Bug Bounty | 2020-11-15 | 2023-06-13 |