| 2748 | Exploiting CORS to perform an IDOR Attack leading to PII Information Disclosure |
CORS misconfiguration
Information disclosure |
NA |
Harsh Parekh (@notmarshmllow) |
Bug Bounty | 2021-03-01 | 2023-06-13 |
| 2671 | Bragging Rights: Let’s head back to bug bucket |
XSS
IDOR
MFA bypass |
NA |
Manas Harsh (@ManasH4rsh) |
Bug Bounty | 2021-04-02 | 2023-06-13 |
| 2209 | Chaining bugs for better bounties |
SSRF
XSS
Information disclosure |
NA |
Manas Harsh (@ManasH4rsh) |
Bug Bounty | 2021-09-19 | 2023-06-13 |
| 1945 | P5 to P1: Interesting Account Takeover |
Account takeover
Session expiration issue
Password reset |
NA |
Tushar Sharma (@tusharSharma_0) |
Bug Bounty | 2022-01-03 | 2023-06-13 |
| 1869 | Hacking Google Drive Integrations |
SSRF |
Dropbox |
Harsh Jaiswal (@rootxharsh) |
Bug Bounty | 2022-01-31 | 2023-06-13 |
| 1842 | Google Security Misconfiguration Leads to Account Takeover ! |
Logic flaw
Spoofing |
Google |
Harsh Banshpal |
Bug Bounty | 2022-02-08 | 2023-06-13 |
| 1742 | A Tale of Open Redirection to Stored XSS |
Stored XSS
Open redirect |
NA |
Tushar Sharma (@tusharSharma_0) |
Bug Bounty | 2022-03-12 | 2023-06-13 |
| 1534 | How I was able to down a service of Microsoft ? Denial of Service (DOS) Attack on Microsoft. |
DoS |
Microsoft |
Harsh Banshpal (@harshbanshpal) |
Bug Bounty | 2022-05-21 | 2023-06-13 |
| 1267 | Simple Open Redirect Bypass. |
Open redirect |
NA |
Harshad Gaikwad (@h4rsh4d) |
Bug Bounty | 2022-08-09 | 2023-06-13 |
| 1009 | Tale of Easy P1 Bugs in Wild |
Forced browsing
403 bypass
Information disclosure |
NA |
Harsh Tandel |
Bug Bounty | 2022-10-01 | 2023-06-13 |
| 955 | Story about Escalation of HTML Injection to EC2 Instance credentials leak |
SSRF
HTML injection |
NA |
Harsh Tandel (@H4r5h_T4nd37) |
Bug Bounty | 2022-10-14 | 2023-06-13 |
| 772 | A great weekend hack(worth $8k) |
SQL injection
IDOR
Stored XSS |
NA |
Manas Harsh (@ManasH4rsh) |
Bug Bounty | 2022-11-26 | 2023-06-13 |
