Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
5243Flickr XSRF to Change Photo Details XSRF Flickr Abdullah Hussam (@Abdulahhusam) Bug Bounty2014-08-062023-06-13
5214Blind SQL Inejction [Hootsuite] Blind SQL injection Hootsuite Abdullah Hussam (@Abdulahhusam) Bug Bounty2015-08-012023-06-13
5213One Payload to XSS Them All! Flash XSS Adobe Abdullah Hussam (@Abdulahhusam) Bug Bounty2015-08-032023-06-13
5206Cloudflare WAF XSS XSS Cloudflare Abdullah Hussam (@Abdulahhusam) Bug Bounty2015-11-162023-06-13
5205How To Hack PayU – And Buy 10x More For The Same Price RCE PayU Rick Harris (@codel10n) Bug Bounty2015-12-182023-06-13
5194How I Hacked [Oculus] OAuth +Ebay +IBM Unrestricted file upload XSS Meta / Facebook Ebay IBM AnswerHub Abdullah Hussam (@Abdulahhusam) Bug Bounty2016-02-122023-06-13
5164Medium Full Account Takeover By One Click XSS Medium Abdullah Hussam (@Abdulahhusam) Bug Bounty2016-06-232023-06-13
5148Samsung Galaxy Apps MiTM vulnerabilities MiTM Android Samsung Simone Margaritelli (@evilsocket) Bug Bounty2016-08-172023-06-13
5136Vine Re-auth Bypass [Twitter Bug Bounty] Authentication flaw Twitter Abdullah Hussam (@Abdulahhusam) Bug Bounty2016-09-212023-06-13
5126Leak Private Videos [Vimeo Bug Bounty] Logic flaw Authorization flaw Vimeo Abdullah Hussam (@Abdulahhusam) Bug Bounty2016-10-232023-06-13
5067Android Browser Same Origin Policy Bypass < 4.4 - CVE-2014-6041 SOP bypass Google Rafay Baloch (@rafaybaloch) Bug Bounty2017-06-012023-06-13
5041Medium Content Spoofing Leads to XSS Content spoofing Stored XSS Medium Abdullah Hussam (@Abdulahhusam) Bug Bounty2017-07-082023-06-13
5005Reflected XSS on www.yahoo.com Reflected XSS Yahoo! / Verizon Media Samuel (@saamux) Bug Bounty2017-08-122023-06-13
4979Exploiting a Single Request for Multiple Vulnerabilities Stored XSS Reflected XSS SSRF OS command injection NA Osama Ansari (@AnsariOsama10) Bug Bounty2017-09-192023-06-13
4978First bounty, time to step up my game Same Origin Method Execution NA Roderick Schaefer (@kciredor_) Bug Bounty2017-09-192023-06-13
4969Filter Bypass to Reflected XSS on https://finance.yahoo.com (mobile version) Reflected XSS Yahoo! / Verizon Media Samuel (@saamux) Bug Bounty2017-09-242023-06-13
4960Leaking Amazon.com CSRF Tokens Using Service Worker API CSRF Amazon Abdullah Hussam (@Abdulahhusam) Bug Bounty2017-10-112023-06-13
4952Slack SAML authentication bypass Authentication bypass Slack Antonio Sanso (@asanso) Bug Bounty2017-10-262023-06-13
4937How I Pwned a company using IDOR & Blind XSS IDOR Blind XSS NA Osama Ansari (@AnsariOsama10) Bug Bounty2017-11-152023-06-13
4880Full Account Takeover through CORS with connection Sockets CORS misconfiguration Account takeover NA Samuel (@saamux) Bug Bounty2018-01-252023-06-13
4832Leaking WordPress CSRF Tokens for Fun, $1337 bounty, and CVE-2017-5489 CSRF WordPress Abdullah Hussam (@Abdulahhusam) Bug Bounty2018-03-152023-06-13
4800Spoof an user to create a description of a group in Flickr IDOR Flickr Samuel (@saamux) Bug Bounty2018-04-162023-06-13
4791#BugBounty — "Journey from LFI to RCE!!!"-How I was able to get the same in one of the India’s popular property buy/sell company. LFI RCE NA Avinash Jain (@logicbomb_1) Bug Bounty2018-04-192023-06-13
4783How I earned 60K+ from private program Open redirect Subdomain takeover XSS HTTP parameter pollution NA Siva Krishna Samireddi (@le4rner) Bug Bounty2018-04-252023-06-13
4744How I Earned $750 Bounty Reward From AT&T bug Bounty -Adesh Kolte RCE Clickjacking XSS Same Origin Method Execution AT&T Adesh Nandkishor kolte (@AdeshKolte) Bug Bounty2018-06-012023-06-13