Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
22435 Different Vulnerabilities in Google’s Threadit DOM XSS Clickjacking Privilege escalation Information disclosure Google Thomas Orlita (@ThomasOrlita) Bug Bounty2021-09-072023-06-13
2204Cookie Stealing via Clickjacking using Burp collaborator Clickjacking NA Anurag__Verma Bug Bounty2021-09-222023-06-13
2186Zero-Day: Hijacking iCloud Credentials with Apple Airtags (Stored XSS) Stored XSS Apple Bobby Rauch / Bobbyr Bug Bounty2021-09-282023-06-13
2079Broken Link Hijacking — 404 Google Play Store— xxx$ Bounty Broken link hijacking NA Proviesec (@proviesec) Bug Bounty2021-11-142023-06-13
2060Peeping through a Web-Socket Cross-Site Websocket Hijacking (CSWH) NA Aditya Verma (@0cirius0) Bug Bounty2021-11-212023-06-13
2044[socket.io] Cross-Site Websockets Hijacking Cross-Site Websocket Hijacking (CSWH) Node.js third-party modules sh1yo (@sh1yo_) Bug Bounty2021-11-292023-06-13
1929Pre-Auth RCE in Moodle Part II - Session Hijack in Moodle%27s Shibboleth Session hijacking Session management issue Account takeover RCE Moodle Johannes Moritz Bug Bounty2022-01-102023-06-13
1926Attacking RDP from Inside: How we abused named pipes for smart-card hijacking, unauthorized file system access to client machines and more RCE Microsoft Gabriel Sztejnworcel (@sztejnworcel) Bug Bounty2022-01-112023-06-13
1924Pwning the portal: from database dump to session hijacking SQL injection XSS CSRF NA Bitcrack (@bitcrack_cyber) Bug Bounty2022-01-122023-06-13
1879Paytm-Broken Link Hijacking Broken link hijacking Paytm Lohith Gowda M (@lohigowda_in) Bug Bounty2022-01-292023-06-13
1824Broken Link Hijacking - Mr. User-Agent Broken link hijacking NA Jerry Shah (@Jerry) Bug Bounty2022-02-132023-06-13
1669Hacked Instagram Handle Of Samsung…. Broken link hijacking Samsung Amit Kumar (@Amitlt2) Bug Bounty2022-04-032023-06-13
1562The Underrated Bugs, Clickjacking, CSS Injection, Drag-Drop XSS, Cookie Bomb, Login+Logout CSRF… CSS injection Clickjacking Account takeover XSS Cookie bomb Self-XSS CSRF NA Renwa (@RenwaX23) Bug Bounty2022-05-102023-06-13
1537Pre-hijacked accounts: An Empirical Study of Security Failures in User Account Creation on the Web Account takeover Pre-hijacking attack Dropbox Meta / Facebook LinkedIn WordPress Zoom Avinash Sudhodanan (@sudoavi) Bug Bounty2022-05-202023-06-13
1532Vulnerability In PayPal worth 200000$ bounty, Attacker can Steal Your Balance by One-Click Clickjacking Paypal Souhaib Naceri (@h4x0r_dz) Bug Bounty2022-05-222023-06-13
1521Hijacking Over 100k GoDaddy Websites Subdomain takeover GoDaddy Jonathan Cran (@jcran) Bug Bounty2022-05-252023-06-13
1518Social Media Take Over = Easy Money Broken link hijacking NA Jesse Clark (@Hogarth45_) Bug Bounty2022-05-262023-06-13
1395Account hijacking using "dirty dancing" in sign-in OAuth-flows OAuth Account takeover NA Frans Rosén (@fransrosen) Bug Bounty2022-07-072023-06-13
1377Microsoft Azure Site Recovery DLL Hijacking DLL Hijacking Privilege escalation Microsoft Jimi Sebree (@DinoBytes) Bug Bounty2022-07-122023-06-13
1376CVE-2022-32223 Discovery: DLL Hijacking via npm CLI DLL Hijacking Privilege escalation Node.js Yakir Kadkoda Bug Bounty2022-07-122023-06-13
1322How I Gained Access To A Finance Company’s Accounts (Session Hijacking) Session fixation Weak crypto NA Talha Karakumru Bug Bounty2022-07-252023-06-13
1281Hijacking email with Cloudflare Email Routing HTTP response manipulation Privilege escalation NA Albert Pedersen (@AlbertSPedersen) Bug Bounty2022-08-032023-06-13
1149Vulnerability in TikTok Android app could lead to one-click account hijacking Insecure deeplink Android TikTok Microsoft 365 Defender Research Team Bug Bounty2022-08-312023-06-13
1076Abusing Broken Link In Fitbit (Google Acquisition)To Collect BugBounty Reports On Behalf Of Google ! Broken link hijacking Google Jayateertha Guruprasad (@JayateerthaG) Bug Bounty2022-09-162023-06-13
1073How i made the multiple hall of fame in Nokia within 2 minutes Clickjacking Nokia Vedavyasan Bug Bounty2022-09-172023-06-13