3593 | EN | Administrator level Privilege Escalation story | Privilege escalation | NA | Samet Sahin (@sametsahinnet) | Bug Bounty | 2020-03-19 | 2023-06-13 |
3592 | API DOCS takeover on Readme.io | Subdomain takeover | NA | Oktavandi (@0ktavandi) | Bug Bounty | 2020-03-19 | 2023-06-13 |
3591 | Remote Image Upload Leads to RCE (Inject Malicious Code to PHP-GD Image) | Unrestricted file upload, RCE | NA | Muhammad R. Maulana | Bug Bounty | 2020-03-21 | 2023-06-13 |
3590 | The Ticklish XSS | XSS | NA | Adnan Malik (@adnanmalikinfo) | Bug Bounty | 2020-03-23 | 2023-06-13 |
3589 | Self XSS to Account Takeover | Account takeover, XSS, CSRF | NA | Ch3ckM4te | Bug Bounty | 2020-03-24 | 2023-06-13 |
3587 | XSS WAF & Character limitation bypass like a boss | XSS | NA | Prial Islam Khan (@prial261) | Bug Bounty | 2020-03-25 | 2023-06-13 |
3586 | Pentesting Cisco SD-WAN Part 1: Attacking vManage | Cypher injection, Stored XSS | Cisco | Julien Legras (@Julien_Legras) | Bug Bounty | 2020-03-25 | 2023-06-13 |
3584 | Exploitation of the CVE-2018-15961 – Unrestricted File Upload in Adobe ColdFusion | Unrestricted file upload | NA | Supras (@LdrTom) | Bug Bounty | 2020-03-26 | 2023-06-13 |
3583 | Account Takeover Flow In Mail.ru's Ext.A Domain [ $150 ] | Logic flaw, Account takeover | NA | Myo Min Thu (@myominthu1337) | Bug Bounty | 2020-03-26 | 2023-06-13 |
3582 | 1st Bug Bounty Write-Up — Open Redirect Vulnerability on Login Page | Open redirect | NA | Phuriphat Boontanon (@zanezenzane) | Bug Bounty | 2020-03-27 | 2023-06-13 |
3580 | I Want that Cookie !!! | Logic flaw | NA | Adnan Malik (@infoadnanmalik) | Bug Bounty | 2020-03-27 | 2023-06-13 |
3577 | OTP Bruteforce- Account Takeover | OTP bruteforce, Account takeover | NA | Ranjit Kumar | Bug Bounty | 2020-03-29 | 2023-06-13 |
3576 | CVE-2019-17004—Semi Universal XSS affecting Firefox for iOS | Universal XSS | Mozilla, Brave Software | cliqz (@cliqz) | Bug Bounty | 2020-03-30 | 2023-06-13 |
3574 | Limited freemarker ssti to arbitrary liql query and manage lithium cms | SSTI | NA | Mert (@mertistaken) | Bug Bounty | 2020-03-30 | 2023-06-13 |
3573 | Hacking makes me forget my pain | SQL injection | NA | Abida Fahd | Bug Bounty | 2020-03-31 | 2023-06-13 |
3572 | Akamai Web Application Firewall Bypass Journey: Exploiting “Google BigQuery” SQL Injection Vulnerability | SQL injection | NA | Duc Nguyen (@ducnt_) | Bug Bounty | 2020-03-31 | 2023-06-13 |
3570 | $3133.7 Google Bug Bounty Writeup- XSS Vulnerability! | Reflected XSS | Google | Pethuraj (@Pethuraj) | Bug Bounty | 2020-04-01 | 2023-06-13 |
3568 | Privilege Escalation - Hello Admin | Privilege escalation | NA | Shrey Shah (@ShreySh43332033) | Bug Bounty | 2020-04-02 | 2023-06-13 |
3567 | Account Take Over without user Interaction | Password reset, Information disclosure, Account takeover | NA | Ravilla Bharath | Bug Bounty | 2020-04-02 | 2023-06-13 |
3566 | Always escalate! From Self-XSS to Persistent XSS on Login Portal | Self-XSS, CSRF | NA | Phuriphat Boontanon (@zanezenzane) | Bug Bounty | 2020-04-02 | 2023-06-13 |
3565 | Hundreds of internal servicedesks exposed due to COVID-19 | Security misconfiguration | NA | Inti De Ceukelaire (@securinti) | Bug Bounty | 2020-04-02 | 2023-06-13 |
3564 | iPhone Camera Hack | Zero-Click Unauthorized Access to Sensitive Data | Apple | Ryan Pickren | Bug Bounty | 2020-04-02 | 2023-06-13 |
3562 | Playing with JSON Web Tokens for Fun and Profit | Password reset, Email verification bypass | NA | Muhammad Qasim Munir (@MeetAn0nym0us) | Bug Bounty | 2020-04-04 | 2023-06-13 |
3559 | How a Simple CSRF Attack Turned into a P1 Level Bug | CSRF, Account takeover | NA | Lady Secspeare (@bejuveria_) | Bug Bounty | 2020-04-05 | 2023-06-13 |
3557 | $3K Bounty For Elastic-Search Takeover | Elasticsearch Takeover, Information disclosure | NA | Ashish Kunwar (@D0rkerDevil) | Bug Bounty | 2020-04-06 | 2023-06-13 |