| 3555 | Unrestricted CV File Upload |
Unrestricted file upload |
NA |
vict0ni (@vict0ni) |
Bug Bounty | 2020-04-07 | 2023-06-13 |
| 3552 | How i Unlocked the blocked accounts? |
Password reset
HTTP parameter pollution
IDOR |
NA |
Maria Zulfiqar |
Bug Bounty | 2020-04-11 | 2023-06-13 |
| 3550 | Bounty Tip !! Easiest way to bypass API’s Rate Limit. |
Rate limiting bypass |
NA |
Shaurya Sharma (@ShauryaSharma05) |
Bug Bounty | 2020-04-14 | 2023-06-13 |
| 3549 | Business Logic Errors - A New Look |
Logic flaw |
NA |
Shrey Shah (@ShreySh43332033) |
Bug Bounty | 2020-04-14 | 2023-06-13 |
| 3548 | Netflix Party — XSS Vulnerabilities |
XSS |
Netflix |
kr-b (@pirxcy) |
Bug Bounty | 2020-04-14 | 2023-06-13 |
| 3547 | Multiple Kernel Vulnerabilities Affecting All Qualcomm Devices |
Memory corruption
Race condition |
Qalcomm
Samsung |
Tamir Zahavi-Brunner (@tamir_zb) |
Bug Bounty | 2020-04-15 | 2023-06-13 |
| 3546 | Tricky Oracle SQL Injection Situation |
SQL injection |
NA |
yappare (@yappare) |
Bug Bounty | 2020-04-16 | 2023-06-13 |
| 3544 | OTP Verification Bypass |
OTP bypass |
NA |
Kanhaiya Kumar Singh |
Bug Bounty | 2020-04-17 | 2023-06-13 |
| 3543 | Strange Redirect (Fixed but no bounty) |
Open redirect |
NA |
Abhishek Yadav (@abhishake100) |
Bug Bounty | 2020-04-17 | 2023-06-13 |
| 3542 | Here is the Non Technical write-up on Technical Bug for My Second Bounty of $xxxx From Facebook |
Logic flaw
Privacy issue |
Meta / Facebook |
Ashok Chapagai (@ashokcpg) |
Bug Bounty | 2020-04-17 | 2023-06-13 |
| 3541 | How was i able to find privilege escalation. |
IDOR
Authorization flaw |
NA |
Akshar Tank (@Akshar__tank) |
Bug Bounty | 2020-04-18 | 2023-06-13 |
| 3537 | DOM based open redirect to the leak of a JWT token |
Open redirect
DOM-based open redirect
Token leak |
NA |
Adolphoramirez |
Bug Bounty | 2020-04-20 | 2023-06-13 |
| 3535 | Exploiting a Race Condition Vulnerability |
Race condition |
NA |
Vivek Kumar Singh (@v7nc3nz) |
Bug Bounty | 2020-04-22 | 2023-06-13 |
| 3534 | The Secret sauce of bug bounty |
CSTI
Stored XSS
CORS misconfiguration |
NA |
Mohamed Slamat (@oxxy37) |
Bug Bounty | 2020-04-22 | 2023-06-13 |
| 3533 | From P5 to P2, from nothing to 1000+$ |
Race condition
Self-XSS
Blind XSS |
NA |
Mohamed Daher (@DaherMohamed4) |
Bug Bounty | 2020-04-22 | 2023-06-13 |
| 3532 | Misconfigured WordPress takeover to Remote Code Execution |
Wordpress takeover
RCE
Security misconfiguration |
NA |
Smaran Chand (@smaranchand) |
Bug Bounty | 2020-04-22 | 2023-06-13 |
| 3530 | Messenger Rooms Bug Bounty Write-up |
Privilege escalation
Authorization flaw |
Meta / Facebook |
Jane Manchun Wong (@wongmjane) |
Bug Bounty | 2020-04-24 | 2023-06-13 |
| 3529 | Two Factor Authentication Bypass [ $50 ] |
MFA bypass |
NA |
Aung Pyae Ko Ko (@BlcKVRtuL1) |
Bug Bounty | 2020-04-24 | 2023-06-13 |
| 3528 | From Recon to P1 (Critical) — An Easy Win |
Exposed registration page |
NA |
Harsh Bothra (@harshbothra_) |
Bug Bounty | 2020-04-24 | 2023-06-13 |
| 3525 | Fun With CORS Misconfiguration — II |
CORS misconfiguration
XSS |
NA |
Aman Gupta (@gupt4j1) |
Bug Bounty | 2020-04-25 | 2023-06-13 |
| 3524 | 1-click RCE on Keybase |
RCE |
Keybase |
smaury (@smaury92) |
Bug Bounty | 2020-04-27 | 2023-06-13 |
| 3519 | Recon to Sensitive Information Disclosure in Minutes |
Information disclosure
Outdated component with a known vulnerability |
NA |
Harsh Bothra (@harshbothra_) |
Bug Bounty | 2020-04-28 | 2023-06-13 |
| 3518 | Indirect UXSS issue on a private Android target app |
Universal XSS |
NA |
Kunal pandey (@kunalp94) |
Bug Bounty | 2020-04-29 | 2023-06-13 |
| 3516 | Account taken over in style !!! |
Logic flaw
CSRF
Account takeover |
NA |
kishore hariram (@kishorehariram) |
Bug Bounty | 2020-04-30 | 2023-06-13 |
| 3515 | [Bug Bounty Writeups] Exploiting SQL Injection Vulnerability |
SQL injection |
NA |
Ahmed ElTijani |
Bug Bounty | 2020-04-30 | 2023-06-13 |
