| Nom for Security: A Proactive Security Review of Nomulus |
|
|
|
| Azure Devops Zero-Click CI/CD Vulnerability |
|
|
|
| Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes (CVE-2023-35636) |
|
|
|
| Hacking into a Toyota/Eicher Motors insurance company by exploiting their premium calculator website |
|
|
|
| Hi Meta, WhatsApp with privacy? |
|
|
|
| Unveiling Vulnerabilities: Loose Permissions in Salesforce Lightning Pose Data Security Threats |
|
|
|
| How I Helped Indonesian Startup Company to Prevent Millions of PII Data Leaks |
|
|
|
| From Disclosure to High Severity: Leveraging Dyte API Key for Maximum Impact |
|
|
|
| Technical Advisory – Multiple Vulnerabilities in PandoraFMS Enterprise |
|
|
|
| Account takeover vulnerability that resulted in $2500 bounty! |
|
|
|
| Out-of-Scope, Not Out-of-Impact: Unveiling Significant Sensitive Information Disclosure |
|
|
|
| Advisory CVE-2023-43042 – IBM Backup Products Superuser Information Disclosure |
|
|
|
| How One Bug Scored Me Double Rewards! |
|
|
|
| How i got $15000 Reward by Apple - Information Disclosure |
|
|
|
| Owncloud: details about CVE-2023-49103 and CVE-2023-49105 |
|
|
|
| PII Disclosure Worth $750 |
|
|
|
| All the Small Things: Azure CLI Leakage and Problematic Usage Patterns |
|
|
|
| The Deputy Is Confused About AWS Security Hub |
|
|
|
| $9240 Bounty in 30 days Hunt Challenge |
|
|
|
| Identify Tor user across browser restarts |
|
|
|
| From Oversight to Ownership: How I Discovered the Path to Root on ISP’s Multiple Servers |
|
|
|
| Leaked Database and SMTP credentials through .env file |
|
|
|
| My debut with a Critical Bug: How I found my first bug (API misconfiguration) |
|
|
|
| 4,500 of the Top 1 Million Websites Leaked Source Code, Secrets |
|
|
|
| How I was able to find the P4 vulnerability in the United States Department of Agriculture by phone. |
|
|
|
writeups.xyz
/
Information Disclosure