Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1187 | Break Me Out Of Sandbox In Old Pipe - CVE-2022-22715 Windows Dirty Pipe | Local Privilege Escalation | Microsoft | k0shl (@KeyZ3r0) | Bug Bounty | 2022-08-23 | 2023-06-13 |
| 1185 | [CVE-2020-2733] JD Edwards EnterpriseOne Tools admin password not adequately protected | Information disclosure | Oracle | Vahagn Vardanyan (@vah_13) | Bug Bounty | 2022-08-23 | 2023-06-13 |
| 1182 | Break the Logic: Insecure Parameters (€300) | Parameter manipulation, Logic flaw, Mass assignment | NA | can1337 (@canmustdie) | Bug Bounty | 2022-08-24 | 2023-06-13 |
| 1181 | 2-byte DoS in freebsd-telnetd / netbsd-telnetd / netkit-telnetd / inetutils-telnetd / telnetd in Kerberos Version 5 Applications - Binary Golf Grand Prix 3 | DoS | FreeBSD Security Team | Pierre Kim (@PierreKimSec) | Bug Bounty | 2022-08-24 | 2023-06-13 |
| 1177 | Chaining Telegram bugs to steal session-related files. | Arbitrary file read, Android | Telegram | Sayed Abdelhafiz (@dPhoeniixx) | Bug Bounty | 2022-08-25 | 2023-06-13 |
| 1173 | Break the Logic: 5 Different Perspectives in Single Page (€1500) | Client-side enforcement of server-side security, IDOR, Authorization flaw | NA | can1337 (@canmustdie) | Bug Bounty | 2022-08-26 | 2023-06-13 |
| 1169 | Improper Input Validation Leads To Email Spamming | Email content injection | NA | Akshay Ravi (@AKSHAYC09YC47) | Bug Bounty | 2022-08-27 | 2023-06-13 |
| 1168 | SSRF leads to access AWS metadata. | SSRF | NA | Akash Patil (@skypatil98) | Bug Bounty | 2022-08-27 | 2023-06-13 |
| 1167 | The Million Dollar IDOR | IDOR, Race condition, GraphQL | NA | Monish Basaniwal | Bug Bounty | 2022-08-27 | 2023-06-13 |
| 1166 | CSRF Vulnerability In The NodeJS Ecosystem | CSRF | Node.js third-party modules (csurf) | Adrian Tiron (@adrian__t) | Bug Bounty | 2022-08-28 | 2023-06-13 |
| 1165 | Unsubscribe any user’s e-mail notifications via IDOR | IDOR | NA | Sagar Sajeev (@Sagar__Sajeev) | Bug Bounty | 2022-08-28 | 2023-06-13 |
| 1164 | How I found reflected XSS on IDFC Bank with burp-suite Intruder | Reflected XSS | IDFC Bank | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2022-08-28 | 2023-06-13 |
| 1163 | Out-Of-Bond Remote code Execution(RCE) on De Nederlandsche Bank N.V. with burp-suite collaborator | OS command injection, RCE | De Nederlandsche Bank | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2022-08-28 | 2023-06-13 |
| 1162 | How I bypassed Reflected XSS in well-known platform | XSS | NA | Iori Yagami | Bug Bounty | 2022-08-29 | 2023-06-13 |
| 1161 | Bypassing Amazon WAF to pop an alert() | WAF bypass, XSS | NA | Manash (@manash036) | Bug Bounty | 2022-08-29 | 2023-06-13 |
| 1157 | CVE-2021-38297 – Analysis of a Go Web Assembly vulnerability | Memory corruption | NA | Uriya Yavnieli (@uriya_yavniely) | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1156 | Found SQL Injection Vulnerability on Government Organization Website! | SQL injection | NA | mehedishakeel (@mehedishakeel) | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1154 | IDOR at Login function leads to leak user’s PII data | IDOR, Information disclosure | NA | Eslam Akl (@eslam3kll) | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1153 | mfa bypass in private program, the abdulsec way | MFA bypass | NA | abdulsec (@moodiAbdoul) | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1152 | CVE-2022-26113: FortiClient Arbitrary File Write As SYSTEM | Arbitrary file write, Local Privilege Escalation | Fortinet | David Yesland (@daveysec) | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1151 | HTMLI/XSS - Crafting a better PoC | XSS, HTML injection | NA | RiotSecurityTeam (@RiotSecTeam) | Bug Bounty | 2022-08-30 | 2023-06-13 |
| 1149 | Vulnerability in TikTok Android app could lead to one-click account hijacking | Insecure deeplink, Android | TikTok | Microsoft 365 Defender Research Team | Bug Bounty | 2022-08-31 | 2023-06-13 |
| 1148 | How reading robots.txt file got me 4 XSS reports ? | XSS | NA | Ahmed Qaramany (@c0nqr0r) | Bug Bounty | 2022-08-31 | 2023-06-13 |
| 1146 | SETTLERS OF NETLINK: Exploiting a limited UAF in nf_tables (CVE-2022-32250) | Memory corruption, Local Privilege Escalation | Ubuntu, Linux Kernel Organization | Cedric Halbronn (@saidelike) | Bug Bounty | 2022-09-01 | 2023-06-13 |
| 1142 | AngularJS Client-Side Template Injection: The orderBy Filter. | CSTI | NA | Jay | Bug Bounty | 2022-09-01 | 2023-06-13 |