Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
2613Page Owners Can’t remove or change page roles of deactivated users (or if Attacker blocks the page owner) in Facebook Lite, Facebook for Android and touch.facebook.com Logic flaw Meta / Facebook Baibhav Anand (@SpongeBhav) Bug Bounty2021-04-222023-06-13
2608Supply Chain Attacks via GitHub.com Releases Logic flaw GitHub Nightwatch Cybersecurity (@nightwatchcyber) Bug Bounty2021-04-252023-06-13
2600How did I earn €€€€ by breaking the back-end logic of the server Logic flaw Information disclosure NA Dewanand Vishal (@dewcode91) Bug Bounty2021-04-282023-06-13
2571Workplace by Facebook | Unauthorized access to companies environment — $27,5k Authorization flaw Logic flaw IDOR Meta / Facebook Marcos Ferreira (@mvinni_) Bug Bounty2021-05-072023-06-13
2567Simple logical Bug turned into a bounty Logic flaw Meta / Facebook Sndp Giri Bug Bounty2021-05-102023-06-13
2555How to prevent more than 200 million users from using Google services Logic flaw Google Omar Hashem (@OmarHashem666) Bug Bounty2021-05-162023-06-13
2541Writeups: Facebook Whitehat program(2021): Instagram Live setting bug Logic flaw Meta / Facebook Takashi Suzuki Bug Bounty2021-05-202023-06-13
2540Third-Party Apps were still getting your private Facebook data even after their access expiry. Logic flaw Meta / Facebook Samip Aryal (@samiparyal_) Bug Bounty2021-05-202023-06-13
2499Shopify Multipass Misconfiguration Authentication flaw Logic flaw NA Ahmed A. Sherif Bug Bounty2021-06-052023-06-13
2497How I could have accessed all your private videos/photos saved inside your device without even unlocking it? Authorization flaw Logic flaw Meta / Facebook Samip Aryal (@samiparyal_) Bug Bounty2021-06-062023-06-13
2493Author spoofing in Google Colaboratory Logic flaw Google Zohar Shachar Bug Bounty2021-06-092023-06-13
2487How I found the silliest logical vulnerability for $750 that no one found for 3 years Logic flaw NA Sina Kheirkhah (@SinSinology) Bug Bounty2021-06-122023-06-13
2485[Google VRP] Privilege escalation on https://dialogflow.cloud.google.com Authorization flaw Logic flaw Google lalka (@0x01alka) Bug Bounty2021-06-132023-06-13
2475One-click DOS via Response Manipulation Logic flaw NA Akhil Bug Bounty2021-06-162023-06-13
2473Part-1 Dive into Zoom Applications CSRF Payment bypass Logic flaw Account takeover Privilege escalation Zoom Rakesh Thodupunoori (@rakesh_3895) Bug Bounty2021-06-162023-06-13
2455Three Microsoft Store vulnerabilites Payment tampering Logic flaw Microsoft Marlon Fabiano (@astrounder) Bug Bounty2021-06-242023-06-13
2454Microsoft Store free purschase vulnerabilites Payment tampering Logic flaw Microsoft Marlon Fabiano (@astrounder) Bug Bounty2021-06-242023-06-13
2428Let’s cancel the subscription (informative) Logic flaw Payment tampering NA Adnan Malik (@adnanmalikinfo) Bug Bounty2021-07-072023-06-13
2415Part 2: Dive into Zoom Applications CSRF Account takeover Information disclosure Session expiration issue Authorization flaw Logic flaw Zoom Rakesh Thodupunoori (@rakesh_3895) Bug Bounty2021-07-132023-06-13
2390Story OF MY 3RD Bounty From Facebook Logic flaw NA Aashish Jung Kunwar (@WhoisAasis) Bug Bounty2021-07-232023-06-13
2346Account Takeover (User + Admin) Via Password Reset Account takeover Password reset Logic flaw NA Hemant Patidar (@HemantSolo) Bug Bounty2021-08-052023-06-13
2333How I Bought a £240.00 Annual Subscription for Bargain £0.01 Payment tampering Logic flaw NA Craig Hays (@craighays) Bug Bounty2021-08-112023-06-13
2327Facebook Bug:Invite user to Like a Page even after they decline the Page Like Invite Logic flaw Meta / Facebook Circle Ninja (@circleninja) Bug Bounty2021-08-142023-06-13
2312Disclose WhatsApp Number of Instagram Accounts Despite Setting Set to be Hidden Information disclosure Logic flaw Meta / Facebook Naveen (@NaveenHax) Bug Bounty2021-08-192023-06-13
2303Hey Google ! - Delete my Data Properly — #GoogleVRP Logic flaw Google Sriram Kesavan (@sriramoffcl) Bug Bounty2021-08-232023-06-13