Write-ups
Check The Published Writeups
| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 4177 | [sidefx][Poc] user enumeration & no rate limeted in send message function | Username enumeration Lack of rate limiting | SideFX | Abdelhak Kharroubi | Bug Bounty | 2019-04-26 | 2023-06-13 |
| 3988 | self XSS to stored XSS [ think out the box] | Self-XSS Stored XSS | TIBCO | Abdelhak Kharroubi | Bug Bounty | 2019-08-06 | 2023-06-13 |
| 3987 | CRLF injection allow => cookie injection in root domain & xss | CRLF injection | Bukalapak | Abdelhak Kharroubi | Bug Bounty | 2019-08-06 | 2023-06-13 |
| 3986 | break and bypass verification email | Open redirect Email verification bypass Weak crypto | Bukalapak | Abdelhak Kharroubi | Bug Bounty | 2019-08-07 | 2023-06-13 |
| 980 | [Hacking Banks] Broken Access Control Vulnerability in Banking application [PART I] | Broken Access Control Android | NA | Abdelhak Kharroubi | Bug Bounty | 2022-10-10 | 2023-06-13 |
| 771 | [Hacking Bank] The Second Story of Finding Critical Vulnerabilities on Banking Application | Android Hardcoded credentials IDOR | NA | Abdelhak Kharroubi | Bug Bounty | 2022-11-26 | 2023-06-13 |