| How I Prevented a Mass Data Breach - $15,000 bounty - @bxmbn |
|
|
|
| I received a Bank offer in my mailbox and discovered an IDOR vulnerability - $5,000 bounty - @bxmbn |
|
|
|
| Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities |
|
|
|
| Technical Advisory – Multiple Vulnerabilities in PandoraFMS Enterprise |
|
|
|
| How One Bug Scored Me Double Rewards! |
|
|
|
| $7000 Bounty on a Single Web Application |
|
|
|
| How I could view any Facebook Groups Notes media, and they paid me a $10,000 |
|
|
|
| RCE via Account Takeover |
|
|
|
| An IDOR lead joins any group makes me $2,500 |
|
|
|
| (IDOR) How do I find the first vulnerability with a $2500 bounty on hackerone. |
|
|
|
| [IDOR] $400 — Deleting Other Project in Shopee |
|
|
|
| Using Browser Tools For Bug Hunting: An Interesting 0$ Write IDOR On Instagram |
|
|
|
| How I found two api vulnerabilities by analyzing JS source code |
|
|
|
| Major Security Flaws in Popular QuickBlox Chat And Video Framework Expose Sensitive Data Of Millions |
|
|
|
| Account (of the CEO) Takeover via Password Reset |
|
|
|
| Multiple vulnerabilities on Chamilo 1.11.18 |
|
|
|
| Multiple Vulnerabilities In Cockpit CMS <= V2.5.2 |
|
|
|
| How BAC(Broken Access Control) got me a Pre Account Takeover |
|
|
|
| Account Takeover: Unraveling IDOR + Stored XSS Flaws in an NFT Marketplace |
|
|
|
| GraphQL API Hacking! |
|
|
|
| Advisory: IDOR in Microsoft Teams Allows for External Tenants to Introduce Malware |
|
|
|
| The Unexpected “0” Master ID for Account Data Manipulation |
|
|
|
| PII Data Leakage and US$1500 Bounty |
|
|
|
| IDOR, unpin posts for fun. |
|
|
|
| Taking Over an Entire Organization - A Journey Through Multiple Bugs |
|
|
|
writeups.xyz
/
IDOR