Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3634 | SQL Injection Via Stopping the redirection to a login page | SQL injection, Authorization flaw | NA | Abde Ouabala (@4mgh0z) | Bug Bounty | 2020-03-03 | 2023-06-13 |
| 3633 | How I CSRF’d My First Bounty! | CSRF | NA | Rajesh Ranjan (@rajesh_ranjan4) | Bug Bounty | 2020-03-03 | 2023-06-13 |
| 3632 | ManageEngine ServiceDesk Plus: Arbitrary File Upload | Arbitrary file upload, RCE | NA | Duc Anh Bui | Bug Bounty | 2020-03-03 | 2023-06-13 |
| 3631 | Exploiting an SSRF: Trials and Tribulations | SSRF | NA | A Bug’z Life (@abugzlife1) | Bug Bounty | 2020-03-03 | 2023-06-13 |
| 3630 | SOP Bypass | SOP bypass | NA | Kenan (@kenanistaken) | Bug Bounty | 2020-03-03 | 2023-06-13 |
| 3629 | SSRF vulnerability in Uppy, Detected by Shieldfy | SSRF | Node.js third-party modules | Eslam Salem (@net_code) | Bug Bounty | 2020-03-03 | 2023-06-13 |
| 3627 | Got *Bounty* with Account takeover (ATO ) Unicode-Case Mapping Collision ! | Account takeover | NA | Shaurya Sharma (@ShauryaSharma05) | Bug Bounty | 2020-03-05 | 2023-06-13 |
| 3625 | How I exploit the JSON CSRF with method override technique | CSRF | NA | Simgamsetti Manikanta (@zaheckmania) | Bug Bounty | 2020-03-07 | 2023-06-13 |
| 3624 | Google Ads Self-XSS & Html Injection $5000 | Self-XSS, HTML injection | Google | Syahri Ramadan (@adonkidz7) | Bug Bounty | 2020-03-07 | 2023-06-13 |
| 3623 | $5,005 worth vulnerability Duplicated, How I loose $5,005 in a day? Denial of Service - Billion LAUGH Attack (XXE) | DoS, XXE | NA | Muhammad Asim Shahzad (@protector47) | Bug Bounty | 2020-03-08 | 2023-06-13 |
| 3622 | Breaking the Competition (Bug Bounty Write-up) | Race condition, DoS, Logic flaw, Session management issue | NA | George O (@georgeomnet) | Bug Bounty | 2020-03-08 | 2023-06-13 |
| 3620 | Broke limited scope with a chain of bugs (tips for every rider CORS) | CORS misconfiguration, RCE | NA | Valeriy Shevchenko (@Krevetk0Valeriy) | Bug Bounty | 2020-03-09 | 2023-06-13 |
| 3619 | Vulnerable design leads to personal data leakage- yet another case of an inter-application vulnerability… | Logic flaw | NA | Marcin Szydlowski (@SecurityKsl) | Bug Bounty | 2020-03-09 | 2023-06-13 |
| 3618 | Got Easiest Bounty with HTML injection via email confirmation! | HTML injection | NA | Shaurya Sharma (@ShauryaSharma05) | Bug Bounty | 2020-03-11 | 2023-06-13 |
| 3617 | Finding a P1 in one minute with Shodan.io (RCE) | RCE | NA | sw33tLie (@sw33tLie) | Bug Bounty | 2020-03-11 | 2023-06-13 |
| 3616 | OTP Bypass - Developer’s Check | OTP bypass | NA | Shrey Shah (@ShreySh43332033) | Bug Bounty | 2020-03-11 | 2023-06-13 |
| 3615 | How I was able to bypass the current password? | Account takeover, CSRF | NA | Ninad Mathpati (@ninad_mathpati) | Bug Bounty | 2020-03-11 | 2023-06-13 |
| 3611 | [Bug Bounty] Email Content Injection | Email content injection | NA | Navneet (@na5n33t) | Bug Bounty | 2020-03-12 | 2023-06-13 |
| 3610 | How I got access to critical data of a Company in no time ? | Information disclosure, Lack of rate limiting, Bruteforce | NA | Kaustubh Kale | Bug Bounty | 2020-03-12 | 2023-06-13 |
| 3608 | API secret key Leakage leads to disclosure of Employee’s Information | Information disclosure | NA | Ace Candelario (@phspades) | Bug Bounty | 2020-03-13 | 2023-06-13 |
| 3607 | User's email disclosure via invalid password reset link [$250] | Password reset, Information disclosure | NA | Myo Min Thu (@myominthu1337) | Bug Bounty | 2020-03-13 | 2023-06-13 |
| 3603 | How I earned $800 for Host Header Injection Vulnerability | Host header injection, Password reset | NA | Pethuraj (@Pethuraj) | Bug Bounty | 2020-03-15 | 2023-06-13 |
| 3602 | Using Vulnerability Analytics Feature Like a Boss | SSRF, Reflected XSS, Authentication bypass | NA | Ozgur Alp (@ozgur_bbh) | Bug Bounty | 2020-03-15 | 2023-06-13 |
| 3598 | How I was able to verify any contact number for my account? | OTP bypass, MFA bypass | NA | Paras Arora (@parasarora06) | Bug Bounty | 2020-03-17 | 2023-06-13 |
| 3595 | Hacking — Always Check the Cross-domain Policy | SOP bypass, CSRF | Starbucks | Jack | Bug Bounty | 2020-03-19 | 2023-06-13 |