Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 2974 | Hiding from a custom list is possible on who sees our post is possible making victim not remove them from the list. | Logic flaw | Meta / Facebook | Baibhav Anand (@SpongeBhav) | Bug Bounty | 2020-12-11 | 2023-06-13 |
| 2973 | Exploiting new-era of Request forgery on mobile applications | CSRF, Account takeover | Pinterest | Sayed Abdelhafiz (@dPhoeniixx) | Bug Bounty | 2020-12-11 | 2023-06-13 |
| 2972 | How I dumped PII information of customers in an ecommerce site? | AWS misconfiguration | NA | Rikesh Baniya / NotRickyy (@rikeshbaniya) | Bug Bounty | 2020-12-11 | 2023-06-13 |
| 2971 | How i got my First Bug Bounty in Intersting Target (LFI to SXSS) | LFI, Stored XSS | NA | Ph.Hitachi | Bug Bounty | 2020-12-11 | 2023-06-13 |
| 2970 | How I hacked Facebook: Part One | Missing authentication, Authentication bypass, Account takeover | Meta / Facebook | Alaa Abdulridha (@alaa0x2) | Bug Bounty | 2020-12-11 | 2023-06-13 |
| 2969 | Security Study of Service Worker Cross-Site Scripting. | XSS, Service worker based XSS | NA | Phakpoom Chinprutthiwong | Bug Bounty | 2020-12-11 | 2023-06-13 |
| 2968 | Confirm an email address belonging to a specific user | Information disclosure | Meta / Facebook | abdellah yaala (@yaalaab) | Bug Bounty | 2020-12-12 | 2023-06-13 |
| 2967 | Disclosing the members of private Facebook Group as a non-member. | Authorization flaw, Logic flaw | Meta / Facebook | Baibhav Anand (@SpongeBhav) | Bug Bounty | 2020-12-15 | 2023-06-13 |
| 2966 | Download Filename Manipulation due to improper rendering of RTLO characters | RTLO | NA | Jayateertha Guruprasad (@JayateerthaG) | Bug Bounty | 2020-12-15 | 2023-06-13 |
| 2965 | TikTok Careers Portal Account Takeover | CSRF, Open redirect, Account takeover | TikTok | Lauritz Holtmann (@_lauritz_) | Bug Bounty | 2020-12-15 | 2023-06-13 |
| 2964 | JavaScript analysis leading to Admin portal access | Authorization flaw, Broken Access Control | NA | Rikesh Baniya / NotRickyy (@rikeshbaniya) | Bug Bounty | 2020-12-16 | 2023-06-13 |
| 2963 | How I hacked IBM and got full access on many services? | Information disclosure | IBM | Abdullah Mohamed (@3bodymo_) | Bug Bounty | 2020-12-16 | 2023-06-13 |
| 2962 | D-Link: Multiple Security Vulnerabilities Leading to RCE | RCE, Authentication bypass, Information disclosure | D-Link | Harold Zang | Bug Bounty | 2020-12-17 | 2023-06-13 |
| 2961 | Github Secrets exposed due to RCE in Formatter Action from pull_request_target event | RCE | Google | Anthony Weems | Bug Bounty | 2020-12-17 | 2023-06-13 |
| 2960 | My Bug Bounty Journey and My First Critical Bug — Time Based Blind SQL Injection | SQL injection | NA | Marx Chryz | Bug Bounty | 2020-12-17 | 2023-06-13 |
| 2959 | Misconfigured s3 bucket leads to Sensitive Data exposure(No super controls ) | AWS misconfiguration | NA | Virdoexhunter | Bug Bounty | 2020-12-18 | 2023-06-13 |
| 2958 | Broken Access Control on samsung.com subdomain leads to Mass Account Takeover of Samsung employees application accounts | Information disclosure, Account takeover, Authorization flaw | Samsung | Gal Nagli (@naglinagli) | Bug Bounty | 2020-12-18 | 2023-06-13 |
| 2957 | Write Up: Google VRP N/A – Sandboxed Rce As Root On Apigee API Proxies | RCE | Google | Omar Espino (@omespino) | Bug Bounty | 2020-12-19 | 2023-06-13 |
| 2956 | Worth $1,500 IDOR (Access Unauthorize Data) | IDOR | NA | Muhammad Asim Shahzad (@protector47) | Bug Bounty | 2020-12-20 | 2023-06-13 |
| 2955 | Facebook bug Bounty -Finding the hidden members of the private events. | Information disclosure, Logic flaw | Meta / Facebook | Vivek ps (@vivekps143) | Bug Bounty | 2020-12-20 | 2023-06-13 |
| 2954 | This is how I was able to view anyone’s private email and birthday on Instagram | Information disclosure, Logic flaw | Meta / Facebook | Saugat Pokharel (@saugatpk5) | Bug Bounty | 2020-12-20 | 2023-06-13 |
| 2953 | SSTI in Google Maps | SSTI | Google | s1r1us (@s1r1u5_) | Bug Bounty | 2020-12-22 | 2023-06-13 |
| 2952 | Hack crypto secrets from heap memory to exploit Android application | Cryptographic issues | NA | secureITmania (@secureitmania) | Bug Bounty | 2020-12-22 | 2023-06-13 |
| 2951 | Cookie Tossing to RCE on Google Cloud JupyterLab | Self-XSS, DoS, CSRF, RCE | Google | s1r1us (@s1r1u5_) | Bug Bounty | 2020-12-23 | 2023-06-13 |
| 2950 | Supply Chain Pollution: Hunting a 16 Million Download/Week npm Package Vulnerability for a CTF Challenge | Prototype pollution | Node.js third-party modules | Eugene Lim (@spaceraccoonsec) | Bug Bounty | 2020-12-23 | 2023-06-13 |