Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 3303 | The 3 Day Account Takeover | Logic flaw, Password reset, Account takeover, Bruteforce, Lack of rate limiting | NA | Mr. Beast (@__mr_beast__) | Bug Bounty | 2020-07-17 | 2023-06-13 |
| 3302 | I am able to see user’s sensitive data through JSON file. | Information disclosure, Authorization flaw | NA | Saurabh siddharam sanmane (@saurabhsanmane2) | Bug Bounty | 2020-07-17 | 2023-06-13 |
| 3298 | Android pin bypass with rate limiting | Lack of rate limiting, Authentication bypass | NA | Baluz (@t3chman) | Bug Bounty | 2020-07-18 | 2023-06-13 |
| 3297 | Creative Android pin bypass with Race conditon | Race condition, Authentication bypass | NA | Baluz (@t3chman) | Bug Bounty | 2020-07-18 | 2023-06-13 |
| 3296 | Unique Case for Price Manipulation \| BugBounty \| VAPT | Payment tampering | NA | Harshit Sengar (@sengarharshit1) | Bug Bounty | 2020-07-18 | 2023-06-13 |
| 3294 | bypass user-restriction registration | Logic flaw, Payment tampering | NA | Mohamed Ayad | Bug Bounty | 2020-07-18 | 2023-06-13 |
| 3293 | Chaining rate limiting for account lockout | Lack of rate limiting | NA | Sandip Oli | Bug Bounty | 2020-07-19 | 2023-06-13 |
| 3292 | DOS over wep application | DoS | NA | Mohamed Ayad | Bug Bounty | 2020-07-19 | 2023-06-13 |
| 3290 | Denial of Service(DoS) By Regex | DoS | NA | Ashik B | Bug Bounty | 2020-07-20 | 2023-06-13 |
| 3289 | Increasing reward points N number of time | Logic flaw | NA | Saddam Hussain (@wisdomfreak1) | Bug Bounty | 2020-07-21 | 2023-06-13 |
| 3288 | Hack Till Your Last Breath | IDOR | NA | mechboy / _m.u.h.e_ (@Muhe76355002) | Bug Bounty | 2020-07-21 | 2023-06-13 |
| 3286 | HTTP Parameter Pollution - It’s Contaminated | HTTP parameter pollution | NA | Shrey Shah (@ShreySh43332033) | Bug Bounty | 2020-07-24 | 2023-06-13 |
| 3285 | Hunting Android Application Bugs Using Android Studio. | Authorization flaw, Client-side enforcement of server-side security, Information disclosure | NA | Tarek Mohammed (@Conan0x3) | Bug Bounty | 2020-07-24 | 2023-06-13 |
| 3284 | A $5000 Account Takeover | Account takeover, Password reset | NA | neelam | Bug Bounty | 2020-07-25 | 2023-06-13 |
| 3283 | DNS Rebinding, The treacherous attack it can be | DNS rebinding | NA | Vuk Ivanovic | Bug Bounty | 2020-07-25 | 2023-06-13 |
| 3282 | A Simple IDOR which should not be missed on dating site ;) | IDOR, Information disclosure | NA | neelam | Bug Bounty | 2020-07-26 | 2023-06-13 |
| 3281 | Obtained a bunch of sensitive data in just few steps — Hacking AWS misconfiguration | Information disclosure | NA | Airlangga Visnhu Murthi | Bug Bounty | 2020-07-26 | 2023-06-13 |
| 3280 | How I bypassed 2fa in a 3 years old private program! | MFA bypass, Bruteforce, Lack of rate limiting | NA | Shivangx01b (@shivangx01b) | Bug Bounty | 2020-07-26 | 2023-06-13 |
| 3279 | An unreproducable bug due to the load balancer, an unusual Open Redirect bug | Open redirect | NA | tololovejoi (@tolo7010) | Bug Bounty | 2020-07-27 | 2023-06-13 |
| 3277 | CVE-2020–9934: Bypassing the macOS Transparency, Consent, and Control (TCC) Framework for unauthorized access to sensitive user data | MacOS, Local Privilege Escalation, Authorization flaw | Apple | Matt Shockley (@mattshockl) | Bug Bounty | 2020-07-27 | 2023-06-13 |
| 3276 | CSRF + Open Redirect To Account Takeover | CSRF, Open redirect, Account takeover | NA | R29k (@R29k_) | Bug Bounty | 2020-07-28 | 2023-06-13 |
| 3274 | Pre-Access to Victim’s Account via Facebook Signup | OAuth, Account takeover | NA | Akshansh Jaiswal (@Akshanshjaiswl) | Bug Bounty | 2020-07-28 | 2023-06-13 |
| 3273 | Authentication Token Leads To IDOR | Authentication bypass | NA | mohit (@mohit29295572) | Bug Bounty | 2020-07-28 | 2023-06-13 |
| 3272 | Company’s zendesk subdomain lead to hidden access. | Exposed registration page | NA | himanshu pdy (@himanshu_pdy) | Bug Bounty | 2020-07-28 | 2023-06-13 |
| 3271 | Authorization bypass in Google’s ticketing system (Google-GUTS) | Authorization flaw | Google | Zohar Shachar | Bug Bounty | 2020-07-28 | 2023-06-13 |