Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3385 | How I managed to Escalate privilege as admin | Lack of rate limiting, Bruteforce, Weak credentials | NA | Abisheik Magesh (@AbisheikMagesh) | Bug Bounty | 2020-06-16 | 2023-06-13 |
| 3384 | How I made more than $30K with Jolokia CVEs | Reflected XSS, RCE, Information disclosure | NA | Patrik Fehrenbach (@ITSecurityguard) | Bug Bounty | 2020-06-16 | 2023-06-13 |
| 3382 | A subtle stored-XSS in WordPress core | Stored XSS, RCE | WordPress | Sam Thomas (@_s_n_t) | Bug Bounty | 2020-06-17 | 2023-06-13 |
| 3378 | From Recon to Bypassing MFA Implementation in OWA by Using EWS Misconfiguration | Information disclosure, MFA bypass | NA | YoKo Kho (@YokoAcc) | Bug Bounty | 2020-06-19 | 2023-06-13 |
| 3376 | How did i find information Disclosure on Facebook-Writeup | Information disclosure | Meta / Facebook | Alaa Abdulridha (@Madrid89001310) | Bug Bounty | 2020-06-20 | 2023-06-13 |
| 3375 | Bypass 2FA like a Boss | Lack of rate limiting, Bruteforce | NA | Seqrity (@seQrity) | Bug Bounty | 2020-06-20 | 2023-06-13 |
| 3372 | How i was able to chain bugs and gain access to internal okta instance | Missing authentication | NA | Mmohammed Eldeeb (@malcolmx0x) | Bug Bounty | 2020-06-22 | 2023-06-13 |
| 3371 | API Token Hijacking Through Clickjacking | Clickjacking | NA | DarkLotus (@darklotuskdb) | Bug Bounty | 2020-06-22 | 2023-06-13 |
| 3370 | Leveraging an SSRF to leak a secret API key | SSRF | NA | Julien Cretel (@jub0bs) | Bug Bounty | 2020-06-22 | 2023-06-13 |
| 3369 | A tale of my first ever full SSRF bug | SSRF | NA | Jadek Mark (@mase289) | Bug Bounty | 2020-06-22 | 2023-06-13 |
| 3367 | All About Getting First Bounty with IDOR | IDOR | NA | Mukul Trivedi (@M0hn1sh) | Bug Bounty | 2020-06-23 | 2023-06-13 |
| 3366 | Bug Bounty in Lockdown (SQLi and Business Logic) | SQL injection, Logic flaw | NA | Abhishek Yadav (@abhishake100) | Bug Bounty | 2020-06-24 | 2023-06-13 |
| 3361 | An attempt to escalate a low-impact hidden input XSS | XSS | NA | Ayush Ojha (@officialaimm) | Bug Bounty | 2020-06-28 | 2023-06-13 |
| 3360 | How I was able to take over any account via the Password Reset Functionality. | Password reset, Account takeover | NA | Firas Fatnassi (@Fatnass1F1ras) | Bug Bounty | 2020-06-28 | 2023-06-13 |
| 3359 | How I hacked a bank their application using it for hacking another bank company — 10K XSS | XSS | NA | hg_real (@hgreal1) | Bug Bounty | 2020-06-28 | 2023-06-13 |
| 3357 | API Endpoint leads to Account Takeover In Android Application | Exposed token generation endpoint, Information disclosure | NA | Adesh Nandkishor kolte (@AdeshKolte) | Bug Bounty | 2020-06-28 | 2023-06-13 |
| 3355 | Using Inspect Element to Bypass Security restrictions \| Bug Bounty POC | Client-side enforcement of server-side security | NA | Muhammad Khizer Javed (@khizer_javed47) | Bug Bounty | 2020-06-30 | 2023-06-13 |
| 3352 | Stored XSS with Password Recovery Page | Stored XSS | NA | Lütfü Mert Ceylan (@lutfumertceylan) | Bug Bounty | 2020-07-01 | 2023-06-13 |
| 3348 | Misconfigured S3 Bucket Access Controls to Critical Vulnerability | AWS misconfiguration | NA | Harsh Bothra (@harshbothra_) | Bug Bounty | 2020-07-02 | 2023-06-13 |
| 3347 | How I made $1500 dollars using base64 decoder :) | Information disclosure | NA | Dilip (@dilip_spartn) | Bug Bounty | 2020-07-02 | 2023-06-13 |
| 3344 | Price Tampering due to Improper checks on applying Coupon | Payment tampering, Logic flaw | NA | Vaibhav Joshi (@vj0shii) | Bug Bounty | 2020-07-03 | 2023-06-13 |
| 3343 | How i got 200$ with an out of the box open redirect vulnerability | Open redirect, Token leak | NA | Tarek Galleze | Bug Bounty | 2020-07-03 | 2023-06-13 |
| 3342 | Breaking Business Logic via Coupons — The Story of my 1st Valid Bug Bounty | Payment tampering, Logic flaw | NA | Dominic Ifediri (@Edi4all) | Bug Bounty | 2020-07-03 | 2023-06-13 |
| 3340 | Bug bounty write-up: From SSRF to $4000 | SSRF, RCE | NA | thehackerish (@thehackerish) | Bug Bounty | 2020-07-03 | 2023-06-13 |
| 3339 | CSRF Attack!!! | CSRF | NA | Bala Praneeth (@Begin_hunt) | Bug Bounty | 2020-07-04 | 2023-06-13 |