| Bypassing iCloud Web Access Restriction |
|
|
|
| Bypassing a login page and getting full admin access on an internal training platform |
|
|
|
| Response Manipulation Lead To Premium Feature By Normal User Reward of $500 |
|
|
|
| Unraveling The Story of Multiple Admin Panel Compromises |
|
|
|
| From Revealing Emails to Taking Over Accounts (Hacking Telecom) |
|
|
|
| IDN Homograph Attack and Response Manipulation - The Rarest Case |
|
|
|
| How I chained multiple High-impact vulnerabilities to create a critical one. |
|
|
|
| Improper Authentication in Android App |
|
|
|
| [Account Takeover] Don’t Send a Message to anyone Before Reading This [External Audit] |
|
|
|
| Upgrade plan from Free to Paid via Response Manipulation |
|
|
|
| The Tale of a Command Injection by Changing the Logo |
|
|
|
| Authentication Bypass in Nexus manager (version 3.37.3–02) |
|
|
|
| How I found multiple critical bugs in Red Bull |
|
|
|
| My First And Second Bugs Are — 2FA Bypass |
|
|
|
| Hijacking email with Cloudflare Email Routing |
|
|
|
| Account Takeover via Response Manipulation |
|
|
|
| Vertical Privilege Escalation: The user can takeover an admin account via response manipulation |
|
|
|
| Response Manipulation in the Admin panel lead to PII leakage |
|
|
|
| 500$ Account Takeover |
|
|
|
| My first CVE-2022–31289 |
|
|
|
| Another Admin panel |
|
|
|
| Privilege Escalation to stored XSS |
|
|
|
writeups.xyz
/
HTTP Response Manipulation