| 3232 | CSP Bypass Vulnerability in Google Chrome Discovered - Almost Every Website In The World Was At Risk |
CSP bypass |
Google |
Gal Weizman (@WeizmanGal) |
Bug Bounty | 2020-08-10 | 2023-06-13 |
| 3227 | How I made $2000 with URL REDIRECTION? |
Open redirect
SQL injection |
NA |
Simran Singh |
Bug Bounty | 2020-08-12 | 2023-06-13 |
| 3226 | Cracking the 2FA |
MFA bypass |
NA |
Rushikesh Gaikwad (@rsg_1212) |
Bug Bounty | 2020-08-12 | 2023-06-13 |
| 3225 | Cache poisoning of wget |
Web cache poisoning |
NA |
Vuk Ivanovic |
Bug Bounty | 2020-08-12 | 2023-06-13 |
| 3224 | Blind OS Command Injection |
OS command injection |
NA |
Ashik B |
Bug Bounty | 2020-08-12 | 2023-06-13 |
| 3223 | Journey to my First Bug Hunt$$$$ |
CSRF |
NA |
Bala Praneeth (@Begin_hunt) |
Bug Bounty | 2020-08-13 | 2023-06-13 |
| 3222 | Leaking AWS Metadata - The Unusual Way |
Information disclosure
RCE |
NA |
Shubham Garg (@nullb0t) |
Bug Bounty | 2020-08-13 | 2023-06-13 |
| 3221 | False2True, Match and Replace bug hunting — A cautionary tale |
Privilege escalation |
NA |
Vuk Ivanovic |
Bug Bounty | 2020-08-14 | 2023-06-13 |
| 3218 | Crowdsource Success Story: From an Out-of-Scope Open Redirect to CVE-2020-1323 |
Open redirect |
Microsoft |
Ozgur Alp (@ozgur_bbh) |
Bug Bounty | 2020-08-14 | 2023-06-13 |
| 3217 | Open Sesame: Escalating Open Redirect to RCE with Electron Code Review |
Open redirect
RCE
Security code review |
NA |
Eugene Lim (@spaceraccoonsec) |
Bug Bounty | 2020-08-14 | 2023-06-13 |
| 3216 | How recon helped me to find an interesting bug… |
Open redirect |
NA |
Vedant Tekale (@_justYnot) |
Bug Bounty | 2020-08-15 | 2023-06-13 |
| 3213 | How I got 450$ just in one Google search (SQLi + RXSS)? |
XSS
SQL injection |
NA |
Zhenwar Hawlery |
Bug Bounty | 2020-08-16 | 2023-06-13 |
| 3210 | Stealing your data using XSS |
XSS |
NA |
Viren Pawar (@VirenPawar_) |
Bug Bounty | 2020-08-17 | 2023-06-13 |
| 3209 | Account Takeover Using Re-Register [ Bug Bounty ] |
Account takeover |
NA |
Myo Min Thu (@myominthu1337) |
Bug Bounty | 2020-08-17 | 2023-06-13 |
| 3207 | Windows AppX Deployment Service Local Privilege Escalation (CVE-2020-1488 |
Local Privilege Escalation |
Microsoft |
ACTIVELabs |
Bug Bounty | 2020-08-18 | 2023-06-13 |
| 3206 | From SQL Injection to Hall Of Fame |
SQL injection |
NA |
Jadek Mark (@mase289) |
Bug Bounty | 2020-08-18 | 2023-06-13 |
| 3203 | Fun with header and forget password, with a twist: |
Password reset
Host header injection |
NA |
Vuk Ivanovic |
Bug Bounty | 2020-08-18 | 2023-06-13 |
| 3202 | Escalating a GitHub leak to takeover entire organization |
Information disclosure |
NA |
Shashank (@cyberboyIndia) |
Bug Bounty | 2020-08-18 | 2023-06-13 |
| 3200 | A perfect duplicate or how to send an email with a spoofed invoice’s content |
Email spoofing
Open mail relay
Missing authentication |
NA |
Mateusz Olejarka (@molejarka) |
Bug Bounty | 2020-08-19 | 2023-06-13 |
| 3196 | Upload to the future |
IDOR |
NA |
Vuk Ivanovic |
Bug Bounty | 2020-08-22 | 2023-06-13 |
| 3195 | How I was able to find easy P1 just by doing Recon |
LFI |
NA |
Kirtan Patel (@kirtanpatel9111) |
Bug Bounty | 2020-08-22 | 2023-06-13 |
| 3194 | $$ Bounties for Unauthenticated file read in Cisco ASA CVE-2020–3452 |
LFI |
NA |
Supun Halangoda (@halangoda_supun) |
Bug Bounty | 2020-08-23 | 2023-06-13 |
| 3193 | Account Takeover For The Win 🏆 |
Account takeover
Authentication flaw
Password reset |
NA |
Ricardo Iramar dos Santos (@ricardo_iramar) |
Bug Bounty | 2020-08-24 | 2023-06-13 |
| 3190 | Bug Bounty Failsx101[4] |
MFA bypass |
NA |
ArcherL (@realArcherL) |
Bug Bounty | 2020-08-26 | 2023-06-13 |
| 3188 | Delete IDOR on a Fashion eCommerce Website |
IDOR |
NA |
Amey Anekar (@ameyanekar) |
Bug Bounty | 2020-08-26 | 2023-06-13 |
