| 3760 | How we hacked one of the worlds largest Cryptocurrency Website |
SQL injection
RCE |
NA |
Strynx (@Strynx_Security) |
Bug Bounty | 2019-12-24 | 2023-06-13 |
| 3759 | Abusing ImageMagick to obtain RCE |
ImageTragick
RCE |
NA |
Strynx (@Strynx_Security) |
Bug Bounty | 2019-12-24 | 2023-06-13 |
| 3758 | SOP Bypass via browser-cache |
SOP bypass |
Keybase |
Aaron Costello (@ConspiracyProof) |
Bug Bounty | 2019-12-24 | 2023-06-13 |
| 3757 | Microsoft Edge (Chromium) - EoP via XSS to Potential RCE |
XSS
RCE |
Microsoft |
Abdulrahman Alqabandi (@Qab) |
Bug Bounty | 2019-12-24 | 2023-06-13 |
| 3756 | BugBounty | A Dom Xss |
DOM XSS |
NA |
Jinone (@jinonehk) |
Bug Bounty | 2019-12-24 | 2023-06-13 |
| 3755 | XSS Is Love <3 ! |
XSS |
NA |
Nirmal Dahal (@TheNittam) |
Bug Bounty | 2019-12-26 | 2023-06-13 |
| 3754 | Subdomain takeover via pantheon |
Subdomain takeover |
NA |
Smaran Chand (@smaranchand) |
Bug Bounty | 2019-12-26 | 2023-06-13 |
| 3752 | Effortlessly finding Cross Site Script Inclusion (XSSI) & JSONP for bug bounty |
XSSI |
NA |
Omkar Bhagwat (@th3_hidd3n_mist) |
Bug Bounty | 2019-12-27 | 2023-06-13 |
| 3747 | Exploiting a Self Stored XSS with an IDOR |
Self-XSS
Stored XSS
IDOR |
NA |
Shuaib Oladigbolu (@_sawzeeyy) |
Bug Bounty | 2019-12-31 | 2023-06-13 |
| 3745 | From POST to GET Open redirect |
Open redirect |
NA |
Sourav Sahana (@kernel_rider) |
Bug Bounty | 2019-12-31 | 2023-06-13 |
| 3744 | Exploiting HTML Injection in Email |
HTML injection |
NA |
Shuaib Oladigbolu (@_sawzeeyy) |
Bug Bounty | 2019-12-31 | 2023-06-13 |
| 3743 | Story of an IDOR via HTTP |
IDOR |
NA |
Shuaib Oladigbolu (@_sawzeeyy) |
Bug Bounty | 2019-12-31 | 2023-06-13 |
| 3742 | Bypass Mobile PIN Verification |
Authentication bypass |
NA |
Sourav Sahana (@kernel_rider) |
Bug Bounty | 2020-01-01 | 2023-06-13 |
| 3741 | Bypass 2FA in a website |
MFA bypass |
NA |
Sourav Sahana (@kernel_rider) |
Bug Bounty | 2020-01-01 | 2023-06-13 |
| 3739 | Exploiting Wi-Fi Stack on Tesla Model S |
Wifi hacking
Driver hacking
RCE
Memory corruption |
Tesla |
Tencent Keen Security Lab |
Bug Bounty | 2020-01-02 | 2023-06-13 |
| 3738 | Account takeover via HTTP Request Smuggling |
HTTP request smuggling
Account takeover
Open redirect
Internal header disclosure |
NA |
hipotermia (@_hipotermia_) |
Bug Bounty | 2020-01-03 | 2023-06-13 |
| 3737 | From . in regex to SSRF — part 1 |
SSRF |
NA |
Niemiec Marcin (@xvnpw) |
Bug Bounty | 2020-01-05 | 2023-06-13 |
| 3735 | How I found a Privilege Escalation Bug in a private Ecommerce? |
Privilege escalation |
NA |
Baibhav Anand (@SpongeBhav) |
Bug Bounty | 2020-01-06 | 2023-06-13 |
| 3733 | HTML Injection(Unique Exploitation) |
HTML injection |
NA |
Pratik Yadav (@PratikY9967) |
Bug Bounty | 2020-01-07 | 2023-06-13 |
| 3730 | Google Chrome display locking fuzzing |
Use-After-Free
Memory corruption |
Google |
Pawel Wylecial (@h0wlu) |
Bug Bounty | 2020-01-08 | 2023-06-13 |
| 3729 | Hunting Good Bugs with only <HTML> |
Open redirect
HTML injection
SSRF |
NA |
Ak1T4 (@akita_zen) |
Bug Bounty | 2020-01-10 | 2023-06-13 |
| 3728 | My First RCE (Stressed Employee gets me 2x bounty) |
Unrestricted file upload
RCE |
NA |
Abhishek Yadav (@abhishake100) |
Bug Bounty | 2020-01-10 | 2023-06-13 |
| 3726 | No Rate Limit - 2K Bounty |
Lack of rate limiting |
Yahoo! / Verizon Media |
Shrey Shah (@ShreySh43332033) |
Bug Bounty | 2020-01-12 | 2023-06-13 |
| 3723 | How I discovered an interesting account takeover flaw? |
Account takeover
Password reset
Lack of rate limiting |
NA |
Akash Methani (@0xAkash) |
Bug Bounty | 2020-01-14 | 2023-06-13 |
| 3722 | From . in regex to SSRF — part 2 |
SSRF |
NA |
Niemiec Marcin (@xvnpw) |
Bug Bounty | 2020-01-14 | 2023-06-13 |
