From Django Debug Mode to PII Data Leak of more than 500+ Employees due Broken Access Control and IDOR
Unauthorized Sign-up on Subdomain of Subdomain leading to Organization takeover worth $2000
Hacking Dutch Government-Broken Authentication To Full Website Takeover (P1)
Security concerns with the e-Tugra certificate authority
Chaining Multiple Vulnerabilities Leads to Remote Code Execution (RCE) on One of the Payment Service Companies.
Found vulnaribility on subdomain of nasa.gov simply using censys
My New Discovery In Oracle E-Business Login Panel That Allowed To Access For All Employees Information's & In Some cases Passwords At More Than 1000 Companies
From android app to access admin dashboard
ATO of WordPress Website “4 digits €€€€ Bounty in 5 Minute!”
Story of Google Hall of Fame and Private program bounty worth $$$$
How to Harpon Big Blue!
Company’s zendesk subdomain lead to hidden access.
From Recon to P1 (Critical) — An Easy Win
Getting access to 25k employees details