Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1231 | CVE-2022-30216 - Authentication coercion of the Windows “Server” service | Off-by-one Error, Authentication coercion | Microsoft | Ben Barnea (@nachoskrnl) | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1229 | Remote Code Execution on Element Desktop Application using Node Integration in Sub Frames Bypass - CVE-2022-23597 | RCE, XSS | Matrix (Element) | s1r1us (@s1r1u5_) | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1228 | XSS via Angular Template Injection | CSTI, XSS, WAF bypass | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-08-13 | 2023-06-13 |
| 1225 | URL filter bypass, RFI and XSS | Stored XSS, RFI | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-08-14 | 2023-06-13 |
| 1224 | The forgotten API and XSS filter bypass | XSS | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-08-14 | 2023-06-13 |
| 1223 | Five-minute hunting for hidden XSS | Reflected XSS | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1222 | 1day to 0day(CVE-2022-30024) on TP-Link TL-WR841N | Memory corruption | TP-Link | Trần Minh Cường | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1221 | Business Logic Vulnerability via IDOR | IDOR, Payment tampering | NA | Sagar Sajeev (@Sagar__Sajeev) | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1220 | Salesforce bug hunting to Critical bug | Information disclosure, Salesforce | NA | Vuk Ivanovic | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1218 | CVE-2022-30211: Windows L2TP VPN Memory Leak and Use after Free Vulnerability | Memory corruption, RCE | Microsoft | Alex Nichols (@i4mchr00t) | Bug Bounty | 2022-08-15 | 2023-06-13 |
| 1216 | FreeBSD 11.0-13.0 LPE via aio_aqueue Kernel Refcount Bug | Memory corruption, Local Privilege Escalation | FreeBSD Security Team | Chris (@accessvector) | Bug Bounty | 2022-08-16 | 2023-06-13 |
| 1214 | 2FA Bypass Do Re Mi | MFA bypass | NA | Ashlyn Lau (@ashlyn_lau) | Bug Bounty | 2022-08-16 | 2023-06-13 |
| 1210 | RCE on Spip and Root-Me, v2! | RCE, SSTI, DNS rebinding, XSS, Code injection, Unrestricted file upload | SPIP | Laluka (@TheLaluka) | Bug Bounty | 2022-08-16 | 2023-06-13 |
| 1208 | N/a to $750 bounty for a Blind XSS. | Blind XSS | NA | Dirtycoder (@dirtycoder0124) | Bug Bounty | 2022-08-18 | 2023-06-13 |
| 1206 | Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS! | DoS, Web cache poisoning, Authentication bypass | Microsoft | Orange Tsai (@orange_8361) | Bug Bounty | 2022-08-18 | 2023-06-13 |
| 1205 | Fishbowl Disclosure: CVE-2022-29805 | Insecure deserialization | Fishbowl | Michael Rand | Bug Bounty | 2022-08-18 | 2023-06-13 |
| 1203 | Outlook CVE-2022-35742 | DoS | Microsoft | insu (@hpy_insu) | Bug Bounty | 2022-08-18 | 2023-06-13 |
| 1199 | Account takeover worth $1000 | Account takeover, Authentication bypass, Information disclosure, Password reset | NA | Faique (@imfaiqu3) | Bug Bounty | 2022-08-19 | 2023-06-13 |
| 1198 | Never underestimate the power of open redirect, a story of a full account takeover | Open redirect, Account takeover, Token leak | NA | Ibrahim Auwal (@ibrahimatix0x01) | Bug Bounty | 2022-08-20 | 2023-06-13 |
| 1196 | Failed Coding Assessment to Remote Code Execution - Part 1 | RCE | HackerEarth | Akash Chhabra (@_hackingguy) | Bug Bounty | 2022-08-20 | 2023-06-13 |
| 1195 | Blind command injection | RCE, OS command injection | NA | Bartłomiej Bergier (@_bergee_) | Bug Bounty | 2022-08-21 | 2023-06-13 |
| 1194 | Blockchain Network is Secured! But not the apps and their Integrations | Payment tampering, Logic flaw | NA | Keyur Talati | Bug Bounty | 2022-08-22 | 2023-06-13 |
| 1191 | Useless path traversals in Zyxel admin interface (CVE-2022-2030) | Path traversal | Zyxel | Maurizio Agazzini (@0x696e6f6465) | Bug Bounty | 2022-08-22 | 2023-06-13 |
| 1189 | Patch bypass for [CVE-2020-6369] Hard-coded Credentials in CA Introscope Enterprise Manager | Hardcoded credentials, Information disclosure | SAP | Arpine Maghakyan | Bug Bounty | 2022-08-22 | 2023-06-13 |
| 1188 | Paracosme - CVE-2022-33318 - Remote Code Execution in ICONICS Genesis64 | Memory corruption, RCE | ICONICS | Axel Souchet (@0vercl0k) | Bug Bounty | 2022-08-22 | 2023-06-13 |