Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3714 | User Account Takeover via Signup Feature \| Bug Bounty POC | Account takeover, Logic flaw, Authorization flaw | NA | Muzammil Kayani (@muzammilabbas2) | Bug Bounty | 2020-01-22 | 2023-06-13 |
| 3712 | Password Reset Token Leak Via Referrer | Password reset, Information disclosure | NA | Shrey Shah (@ShreySh43332033) | Bug Bounty | 2020-01-22 | 2023-06-13 |
| 3711 | A Less Known Attack Vector, Second Order IDOR Attacks | IDOR | NA | Ozgur Alp (@ozgur_bbh) | Bug Bounty | 2020-01-22 | 2023-06-13 |
| 3710 | CORS Misconfiguration leading to Private Information Disclosure | CORS misconfiguration | NA | Virus0X01 (@Virus0X01) | Bug Bounty | 2020-01-23 | 2023-06-13 |
| 3709 | How I was able to take over any users account with host header injection | Host header injection | NA | Ajay Gautam (@evilboyajay) | Bug Bounty | 2020-01-23 | 2023-06-13 |
| 3707 | The unexpected bounty: A story of Zendesk takeover on REDACTED.com | Subdomain takeover | NA | wis4nggeni | Bug Bounty | 2020-01-25 | 2023-06-13 |
| 3706 | Accidental IDOR that Deleted Admin Account. | IDOR | NA | Sayaan Alam (@ehsayaan) | Bug Bounty | 2020-01-25 | 2023-06-13 |
| 3701 | Escalating reflected XSS with HTTP Smuggling | Reflected XSS, HTTP request smuggling | NA | Hazana (@HazanaSec) | Bug Bounty | 2020-01-27 | 2023-06-13 |
| 3700 | Tale of a Misconfiguration in Password Reset | Password reset, Information disclosure | NA | Naveenroy | Bug Bounty | 2020-01-27 | 2023-06-13 |
| 3699 | Adding anyone including non-friend and blocked people as co-host in personal event! | IDOR | Meta / Facebook | Binit Ghimire (@WHOISbinit) | Bug Bounty | 2020-01-28 | 2023-06-13 |
| 3698 | Hyperlink Injection - Easy Money (sometimes) | Hyperlink injection | NA | Abhishek Yadav (@abhishake100) | Bug Bounty | 2020-01-28 | 2023-06-13 |
| 3696 | How I was able to takeover the company’s LinkedIn Page | Broken link hijacking | NA | Vijaysimha Reddy Bathini (@fatratfatrat) | Bug Bounty | 2020-01-29 | 2023-06-13 |
| 3695 | 2FA Bypass via Logical Rate Limiting Bypass | MFA bypass, Logic flaw | NA | Jeppe Bonde Weikop | Bug Bounty | 2020-01-30 | 2023-06-13 |
| 3691 | CSRF CSRF CSRF… | CSRF | NA | Navneet (@na5n33t) | Bug Bounty | 2020-02-03 | 2023-06-13 |
| 3690 | Easily leaking passenger information on an Airline | IDOR | NA | Zseano (@zseano) | Bug Bounty | 2020-02-04 | 2023-06-13 |
| 3689 | Exploiting Insecure Firebase Database! | Insecure Firebase database, Android | NA | Muhammad Khizer Javed (@khizer_javed47) | Bug Bounty | 2020-02-04 | 2023-06-13 |
| 3686 | Arbitary File Upload too Stored XSS - Bug Bounty | Arbitrary file upload, Stored XSS | NA | m0chan (@m0chan98) | Bug Bounty | 2020-02-04 | 2023-06-13 |
| 3685 | How, I dumped crypto data by chaining directory listing to open S3 Bucket | AWS misconfiguration, Directory listing, Information disclosure | NA | Ddigvijay | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3683 | An Unexpected Bounty — Email Bounce Issues | DoS, Email Bounce Issue | NA | Keshav Malik (@g0t_rOoT_) | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3682 | Using CSRF I Got Weird Account Takeover | CSRF, Account takeover | NA | Mohamed Sayed (@FlEx0Geek) | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3681 | How I Made $600 in Bug Bounty in 15 Minutes with Contrast CE – CVE- 2019-8442 | Information disclosure | Atlassian | David Lindner (@golfhackerdave) | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3680 | Site wide CSRF on a popular program | CSRF | NA | Ajinkya Pathare (@fellchase) | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3678 | Simple Remote Code Execution Vulnerability Examples for Beginners | RCE, Unrestricted file upload | NA | Ozgur Alp (@ozgur_bbh) | Bug Bounty | 2020-02-05 | 2023-06-13 |
| 3676 | How Inspect Element Got me a Bounty | Client-side enforcement of server-side security | NA | Aditya Soni (@hetroublemakr) | Bug Bounty | 2020-02-06 | 2023-06-13 |
| 3675 | IDOR leads to Data leakage and Profile Update | IDOR, Bruteforce | NA | vict0ni (@vict0ni) | Bug Bounty | 2020-02-07 | 2023-06-13 |