The Unexpected “0” Master ID for Account Data Manipulation
From Recon via Censys and DNSdumpster, to Getting P1 by Login Using Weak Password – “password” |
Optimizing Hunting Results in VDP for use in Bug Bounty Programs - From Sensitive Information Disclosure to Accessing Hidden APIs which can be used to Retrieve Customer Data |
From Recon to Bypassing MFA Implementation in OWA by Using EWS Misconfiguration |
From 3,99 to 1,650 USD (Part I) – Simple Vertical Privilege Escalation by Changing HTTP Response |
From Recon to Optimizing RCE Results – Simple Story with One of the Biggest ICT Company in the World |
5,000 USD XSS Issue at Avast Desktop AntiVirus for Windows (Yes, Desktop!) |
Illegal Rendered at Download Feature in Several Apps (including Opera Mini) that Lead to Extension Manipulation (with RTLO) |
Information Disclosure at PayPal and Xoom (PayPal Acquisition) via Simple Google Dork - 1,000 USD |
A Simple bypass of Registration Activation that Lead to many Bug - |
Race Condition that could Result to RCE - (A story with an App that temporary stored an uploaded file within 2 seconds before moving it to Amazon S3) |
Turning Self-XSS into non-Self Stored-XSS via Authorization Issue at “PayPal Tech-Support and Brand Central Portal |
Bypassing the Current Password Protection at PayPal TechSupport Portal |
How I Get the Name of the Hotel (and other Data) that you ever Stay - Personal Data Leaks: Private Bug Bounty Program |
Ribose — IDOR with Simple CSRF Bypass — Unrestricted Changes and Deletion to other Photo Profile |
IDOR (at Private Bug Bounty Program) that could Leads to Personal Data Leaks |