Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
2845Spoofing and Attacking With Skype Spoofing Microsoft mr.d0x (@mrd0x) Bug Bounty2021-02-022023-06-13
28441st Facebook Bug Bounty | Disclose page’s admin to mod/admin of group Information disclosure Meta / Facebook nhiephon (@_nhiephon) Bug Bounty2021-02-022023-06-13
2843Applying Offensive Reverse Engineering to Facebook Gameroom Insecure deserialization Meta / Facebook Eugene Lim (@spaceraccoonsec) Bug Bounty2021-02-022023-06-13
2842Stealing Chat session ID with CORS and execute CSRF attack CSRF CORS misconfiguration NA Sunil Yedla (@sunilyedla2) Bug Bounty2021-02-022023-06-13
2841CVE-2020-9759 - Getting root on webOS Local Privilege Escalation Browser hacking LG Andreas Lindh (@addelindh) Bug Bounty2021-02-032023-06-13
2840How I was able to Turn a XSS into a Account Takeover Web cache poisoning Stored XSS Account takeover OAuth Logic flaw NA Josh Fam (@Pullerze) Bug Bounty2021-02-032023-06-13
2839Microsoft Remote Desktop Web Access Authentication Timing Attack Timing attack Authentication flaw Microsoft Matt Dunn Bug Bounty2021-02-042023-06-13
2838Open Redirect vulnerability found using link parameter Open redirect NA Muhammad Aamir (@Muhammad__Aamir) Bug Bounty2021-02-042023-06-13
2836Redwood Report2Web XSS and Frame injection Reflected XSS Frame injection NA vict0ni (@vict0ni) Bug Bounty2021-02-042023-06-13
2835Page Admin Disclosed In Groups Due To Improper Session Handling In Facebook Web Information disclosure Meta / Facebook Samip Aryal (@samiparyal_) Bug Bounty2021-02-042023-06-13
2834Facebook Messenger Desktop App Arbitrary File Read Arbitrary file read Meta / Facebook Renwa (@RenwaX23) Bug Bounty2021-02-042023-06-13
2832Escalating SSRF to RCE SSRF RCE NA Sander Wind (@SanderWind) Bug Bounty2021-02-062023-06-13
2831How I Gain Access to the Server Administration of a Million-Dollar Company Privilege escalation Mass assignment NA Marx Chryz Del Mundo Bug Bounty2021-02-082023-06-13
2830Reflected XSS on a Public Program Reflected XSS NA Naveen J (@thevillagehackr) Bug Bounty2021-02-082023-06-13
2829Bigbasket Bug Bounty Writeup Insecure data storage Android NA Lohith Gowda M (@lohi_gowda_) Bug Bounty2021-02-082023-06-13
2828Duplicate Registration - The Twinning Twins Account takeover Authentication flaw NA Jerry Shah (@Jerry) Bug Bounty2021-02-082023-06-13
2827Abusing URI Parsers for fun and profit URL validation bypass NA Mohammad Owais (@_mohammadowais) Bug Bounty2021-02-082023-06-13
2826Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies Dependency confusion Paypal Shopify Apple Netflix Yelp Uber Microsoft Alex Birsan (@alxbrsn) Bug Bounty2021-02-092023-06-13
2825Self-XSS to rXSS via Uploaded File Name Self-XSS Reflected XSS NA P4nda (@InfoSecP4nda) Bug Bounty2021-02-092023-06-13
2824How I Got An Appreciation Letter From Harvard University Subdomain takeover Harvard University Santosh Bobade (@Santosh88267387) Bug Bounty2021-02-102023-06-13
2823A Tale of 2nd $xxx Bounty from Facebook Logic flaw Meta / Facebook Kunjan Nayak Bug Bounty2021-02-102023-06-13
2821Fastest Subdomain Take Over & DNS Misconfiguration Hunt. Subdomain takeover DNS zone transfer NA Kabeer (@iTheKabeer) Bug Bounty2021-02-102023-06-13
2820An Accidental XSS on uu.nl XSS Utrecht University Santosh Bobade (@Santosh88267387) Bug Bounty2021-02-112023-06-13
2819The "P" in Telegram stands for Privacy Privacy issue Telegram Dhiraj (@RandomDhiraj) Bug Bounty2021-02-112023-06-13
2818Hacking Chess.com and Accessing 50 Million Customer Records Reflected XSS Information disclosure Account takeover Chess.com Sam Curry (@samwcyo) Bug Bounty2021-02-112023-06-13