Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
3355Using Inspect Element to Bypass Security restrictions | Bug Bounty POC Client-side enforcement of server-side security NA Muhammad Khizer Javed (@khizer_javed47) Bug Bounty2020-06-302023-06-13
3351ZombieVPN, Breaking That Internet Security RCE Insecure deserialization Bitdefender AnchorFree 0xSha (@0xsha) Bug Bounty2020-07-012023-06-13
3340Bug bounty write-up: From SSRF to $4000 SSRF RCE NA thehackerish (@thehackerish) Bug Bounty2020-07-032023-06-13
3331RCE via image upload functionality Unrestricted file upload RCE NA Adwaith KS Bug Bounty2020-07-052023-06-13
3323How I found 10 Remote Code Execution in 10 minutes CVE-2020–5902 RCE NA Saransh Srivastav (@malfuncti0n_) Bug Bounty2020-07-072023-06-13
3316Tenda AC15 AC1900 Vulnerabilities Discovered and Exploited CSRF XSS Hardcoded credentials RCE Tenda Sanjana Sarda Bug Bounty2020-07-102023-06-13
3312How I hacked into a Telecom Network RCE Security misconfiguration JBoss NA Harpreet Singh Bug Bounty2020-07-112023-06-13
3303The 3 Day Account Takeover Logic flaw Password reset Account takeover Bruteforce Lack of rate limiting NA Mr. Beast (@__mr_beast__) Bug Bounty2020-07-172023-06-13
3285Hunting Android Application Bugs Using Android Studio. Authorization flaw Client-side enforcement of server-side security Information disclosure NA Tarek Mohammed (@Conan0x3) Bug Bounty2020-07-242023-06-13
3280How I bypassed 2fa in a 3 years old private program! MFA bypass Bruteforce Lack of rate limiting NA Shivangx01b (@shivangx01b) Bug Bounty2020-07-262023-06-13
3269XSS, RCE & HTML File Upload in same endpoint XSS RCE Unrestricted file upload NA Tarikul Islam (@sa1tama0) Bug Bounty2020-07-292023-06-13
3239The feature works as intended, but what’s in the source? Information disclosure NA Zseano (@zseano) Bug Bounty2020-08-082023-06-13
3235Hacking Zoom: Uncovering Tales of Security Vulnerabilities in Zoom Information disclosure RCE Memory leak Zoom Mazin Ahmed (@mazen160) Bug Bounty2020-08-082023-06-13
3222Leaking AWS Metadata - The Unusual Way Information disclosure RCE NA Shubham Garg (@nullb0t) Bug Bounty2020-08-132023-06-13
3218Crowdsource Success Story: From an Out-of-Scope Open Redirect to CVE-2020-1323 Open redirect Microsoft Ozgur Alp (@ozgur_bbh) Bug Bounty2020-08-142023-06-13
3217Open Sesame: Escalating Open Redirect to RCE with Electron Code Review Open redirect RCE Security code review NA Eugene Lim (@spaceraccoonsec) Bug Bounty2020-08-142023-06-13
3204How to contact Google SRE: Dropping a shell in cloud SQL SQL injection Privilege escalation Parameter injection RCE Google wtm@offensi.com (@wtm_offensi) Bug Bounty2020-08-182023-06-13
3201Django debug mode to RCE in Microsoft acquisition Information disclosure RCE Microsoft Syed Abuthahir (@writerabu) Bug Bounty2020-08-192023-06-13
3188Delete IDOR on a Fashion eCommerce Website IDOR NA Amey Anekar (@ameyanekar) Bug Bounty2020-08-262023-06-13
3183Unhiding the hidden Client-side enforcement of server-side security Authorization flaw CSRF NA I am Broot Bug Bounty2020-08-312023-06-13
3175How_i_was_able_to_pawned_website_via_escilating_webcache deception to rce Web cache deception SSRF RCE NA mohit (@mohit29295572) Bug Bounty2020-09-052023-06-13
3170From Android Static Analysis to RCE on Prod RCE Directory listing Missing authentication NA Aditya Dixit (@zombie007o) Bug Bounty2020-09-072023-06-13
3168CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze RCE Local Privilege Escalation Backblaze Jason Geffner (@JasonGeffner) Bug Bounty2020-09-092023-06-13
3164How I Hacked Facebook Again! Unauthenticated RCE on MobileIron MDM RCE JNDI Injection Meta / Facebook Orange Tsai (@orange_8361) Bug Bounty2020-09-122023-06-13
3162SQL Injection & Remote Code Execution - Double P1 SQL injection RCE NA Shrey Shah (@ShreySh43332033) Bug Bounty2020-09-132023-06-13