Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1311 | Advisory \| Roxy-WI Unauthenticated Remote Code Executions CVE-2022-31137 | RCE, Authentication bypass | Roxy-WI | Nuri Çilengir (@ncilengir) | Bug Bounty | 2022-07-26 | 2023-06-13 |
| 1309 | Disclosing information with a side-channel in Django | Side channel attack | Django | Dennis Brinkrolf (@DBrinkrolf) | Bug Bounty | 2022-07-26 | 2023-06-13 |
| 1308 | CVE-2022-31813: Forwarding Addresses Is Hard | Host header injection, DoS, IP address spoofing | Internet Bug Bounty (Apache HTTPD) | Gaetan Ferry (@_mabote_) | Bug Bounty | 2022-07-26 | 2023-06-13 |
| 1307 | HTTP Parameter Pollution - It’s Contaminated Again | HTTP parameter pollution, Rate limiting bypass | NA | Jerry Shah (@Jerry) | Bug Bounty | 2022-07-26 | 2023-06-13 |
| 1300 | Researching Open Source apps for XSS to RCE flaws | XSS, RCE | NA | Aleksey Solovev | Bug Bounty | 2022-07-28 | 2023-06-13 |
| 1297 | Arris / Arris-variant DSL/Fiber router critical vulnerability exposure | Path traversal, Memory corruption | ARRIS | Derek Abdine (@dabdine) | Bug Bounty | 2022-07-29 | 2023-06-13 |
| 1296 | Business logic vulnerabilities | Logic flaw, Payment tampering | NA | Sagar Sajeev (@Sagar__Sajeev) | Bug Bounty | 2022-07-29 | 2023-06-13 |
| 1295 | Discord Desktop - Remote Code Execution | RCE, XSS, Sandbox bypass, CSP bypass | Discord | s1r1us (@s1r1u5_) | Bug Bounty | 2022-07-29 | 2023-06-13 |
| 1293 | My Second CVE (CVE-2022-31855) | OS command injection, Local Privilege Escalation | RStudio | y0ung_dst (@Y0ung_MA) | Bug Bounty | 2022-07-30 | 2023-06-13 |
| 1292 | How I Earned €150 in 2 Minutes \| HTML injection in email | HTML injection | NA | Thillai Raj | Bug Bounty | 2022-07-30 | 2023-06-13 |
| 1291 | How I get Full Account Takeover via stealing action’s login form \| XSS | XSS, Account takeover | NA | Mohamed Tarek (@timooon107) | Bug Bounty | 2022-08-01 | 2023-06-13 |
| 1290 | Analysis of Adobe Acrobat Reader Javascript Doc.print() Use-After-Free Vulnerability (CVE-2022-34233) | Memory corruption | Adobe | ThreatLabz (@Threatlabz) | Bug Bounty | 2022-08-01 | 2023-06-13 |
| 1289 | How I earned $10,000 within the last 7 months — a 17y/o Edition | Authorization flaw | NA | Gowtham Naidu Ponnana (@gowtham_ponnana) | Bug Bounty | 2022-08-01 | 2023-06-13 |
| 1288 | Stored XSS to Account Takeover : Going beyond document.cookie \| Stealing Session Data from IndexedDB | Stored XSS, Account takeover | NA | Syed Mushfik Hasan Tahsin (@SMHTahsin33) | Bug Bounty | 2022-08-02 | 2023-06-13 |
| 1286 | How I earned 500$ by uploading a file: write-up of one of my first bug bounty | Unrestricted file upload | Semrush | Riccardo Malatesta (@seeu_inspace) | Bug Bounty | 2022-08-02 | 2023-06-13 |
| 1285 | Multiple bugs in one program leads to 1500€ | Privilege escalation, IDOR, Authorization flaw | NA | can1337 (@canmustdie) | Bug Bounty | 2022-08-02 | 2023-06-13 |
| 1282 | Elasticsearch A Easy Win For Bug Bounty Hunters \|\| How To Find and Report | Information disclosure | NA | Tamim Hasan (@tamimhasan404) | Bug Bounty | 2022-08-03 | 2023-06-13 |
| 1281 | Hijacking email with Cloudflare Email Routing | HTTP response manipulation, Privilege escalation | NA | Albert Pedersen (@AlbertSPedersen) | Bug Bounty | 2022-08-03 | 2023-06-13 |
| 1280 | Came looking for SSRF and found XSS | XSS, WAF bypass | NA | Ibrahim Radi (@ibraradi9) | Bug Bounty | 2022-08-04 | 2023-06-13 |
| 1277 | CVE-2022-31660 and CVE-2022-31661 (FIXED): VMware Workspace ONE Access, Identity Manager, and vRealize Automation LPE | Local Privilege Escalation | VMware | Spencer McIntyre (@zeroSteiner) | Bug Bounty | 2022-08-05 | 2023-06-13 |
| 1276 | Revisiting OMI: Analysis of CVE-2022-29149, a privilege escalation vulnerability in Azure OMI | Local Privilege Escalation, Cloud | Microsoft | Nir Ohfeld (@nirohfeld) | Bug Bounty | 2022-08-05 | 2023-06-13 |
| 1275 | How i was able to get 29 free products. \| Bug Bounty | Race condition | NA | Fırat | Bug Bounty | 2022-08-06 | 2023-06-13 |
| 1274 | CVE-2022-29582 - An io_uring vulnerability | Memory corruption | Google | Jayden (@Awarau1) | Bug Bounty | 2022-08-06 | 2023-06-13 |
| 1272 | Liferay revisited: A tale of 20k$ | RCE | NA | VNG Security Response Center (@vngsecresponse) | Bug Bounty | 2022-08-06 | 2023-06-13 |
| 1271 | 2FA Bypass via Google Identity & OAuth Login | MFA bypass, Account takeover | NA | Sharat Kaikolamthuruthil (@sharp488) | Bug Bounty | 2022-08-07 | 2023-06-13 |