Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 2921 | Subdomain Take Over Worth 100£ | Subdomain takeover | NA | c0d3x27 (@c0d3x27) | Bug Bounty | 2021-01-07 | 2023-06-13 |
| 2920 | Stored XSS on Product Description [HIGH] — $400 | Stored XSS | NA | Emanuel Beni Harijanto | Bug Bounty | 2021-01-07 | 2023-06-13 |
| 2919 | Github Organization Takeover By Claiming Owner Invitation | Account takeover, Logic flaw | GitHub | Abss (@absshax) | Bug Bounty | 2021-01-07 | 2023-06-13 |
| 2918 | $10,000 for a vulnerability that doesn’t exist | Path traversal | NA | Valeriy Shevchenko (@Krevetk0Valeriy) | Bug Bounty | 2021-01-07 | 2023-06-13 |
| 2916 | Information Disclosure through Signup Endpoint | Information disclosure | NA | Sunil Yedla (@sunilyedla2) | Bug Bounty | 2021-01-08 | 2023-06-13 |
| 2915 | Blind XSS in Google Analytics Admin Panel — $3133.70 | Blind XSS | Google | Ashish Dhone (@ashketchum_16) | Bug Bounty | 2021-01-08 | 2023-06-13 |
| 2914 | Exploiting Application-Level Profile Semantics (APLS) | APLS misconfiguration, API misconfiguration | NA | Niemand (@niemand_sec) | Bug Bounty | 2021-01-08 | 2023-06-13 |
| 2913 | Create post on any Facebook page | IDOR | Meta / Facebook | Pouya Darabi (@Pouyadarabi) | Bug Bounty | 2021-01-08 | 2023-06-13 |
| 2912 | A 'Novel' Way to Bypass Executable Signature Checks with Electron | Local Privilege Escalation | NA | Parsia Hackerman (@cryptogangsta) | Bug Bounty | 2021-01-08 | 2023-06-13 |
| 2911 | How I was able to Regain access to account deleted by Admin leading to $$$ | Logic flaw, Authorization flaw | NA | Rajesh Ranjan (@_rajesh_ranjan_) | Bug Bounty | 2021-01-10 | 2023-06-13 |
| 2910 | Unauthorized Access to OData Entities + $2K Bounty From Microsoft | Authorization flaw, Information disclosure | Microsoft | Borna Nematzadeh (@LogicalHunter) | Bug Bounty | 2021-01-10 | 2023-06-13 |
| 2909 | Weblogic Remote Code Execution (Exploiting CVE-2019-2725) | RCE | NA | Mahmoud Gamal (@Zombiehelp54) | Bug Bounty | 2021-01-10 | 2023-06-13 |
| 2908 | UNEP Breached, 100K+ Employee Records Accessed | Information disclosure | United Nations | Jackson Henry (@JacksonHHax) | Bug Bounty | 2021-01-11 | 2023-06-13 |
| 2907 | Stealing Your Private YouTube Videos, One Frame at a Time | IDOR | Google | David Schütz (@xdavidhu) | Bug Bounty | 2021-01-11 | 2023-06-13 |
| 2906 | Guest Blog Post: Leaking silhouettes of cross-origin images | Side-channel information leakage, Browser hacking | Mozilla, Google (Chrome) | Aleksejs Popovs (@aleksejspopovs) | Bug Bounty | 2021-01-11 | 2023-06-13 |
| 2905 | Unrestricted File Upload | Unrestricted file upload | NA | Binamra Pandey | Bug Bounty | 2021-01-12 | 2023-06-13 |
| 2904 | CSRF with IDOR - A Deadly Combo | CSRF, IDOR | NA | Jerry Shah (@Jerry) | Bug Bounty | 2021-01-12 | 2023-06-13 |
| 2903 | Stealing User Information Via XSS Via Parameter Pollution | Open redirect, XSS | NA | Hamza Avvan (@hamzaavvan) | Bug Bounty | 2021-01-12 | 2023-06-13 |
| 2902 | Making Clouds Rain :: Remote Code Execution in Microsoft Office 365 | RCE | Microsoft | Steven Seeley (@steventseeley) | Bug Bounty | 2021-01-12 | 2023-06-13 |
| 2901 | GoCD Multiple Vulnerabilities | RCE, Information disclosure, Insecure deserialization, Security code review | GoCD | Denis Andzakovic | Bug Bounty | 2021-01-12 | 2023-06-13 |
| 2900 | Story of a really cool SSRF bug. | SSRF | NA | Vedant Tekale (@_justYnot) | Bug Bounty | 2021-01-13 | 2023-06-13 |
| 2899 | How I managed to trigger a Stored-XSS in an online store with the help of Cache Poisoning | Web cache poisoning, Stored XSS | NA | Schizo! | Bug Bounty | 2021-01-14 | 2023-06-13 |
| 2898 | Tale of 2 TOOTB Bugs: Google and WhatsApp | Information disclosure, Logic flaw | Google, Meta / Facebook | Circle Ninja (@circleninja) | Bug Bounty | 2021-01-14 | 2023-06-13 |
| 2897 | Irremovable Facebook group album photos and entire album under certain circumstances (Bounty: 1000 USD) | Logic flaw | Meta / Facebook | Shubham Bhamare (@theshubh77) | Bug Bounty | 2021-01-14 | 2023-06-13 |
| 2896 | Insertion Of Malicious Links For Execution In Profile Picture - Unvalidated User Input In MS Sharepoint 2019 (CVE-2020-1456) | XSS | Microsoft | David (@slashcrypto) | Bug Bounty | 2021-01-15 | 2023-06-13 |