| A $1,000,000 bounty? The KuCoin User Information Leak |
|
|
|
| Hacking HackerOne: How computer vision helped uncover hidden vulnerabilities? |
|
|
|
| Testing a new encrypted messaging app's extraordinary claims |
|
|
|
| How a simple Directory Listing leads to PII Data Leakage, Remote Code Execution and many more vulnerabilities on a HR management subdomain |
|
|
|
| Placeholder for Dayzzz: Abusing placeholders to extract customer informations |
|
|
|
| Unauthorized access to the admin panel via leaked credentials on the WayBackMachine |
|
|
|
| Discord Rich Presence LeonardSSH.vscord |
|
|
|
| Multiple Critical Vulnerabilities In Strapi Versions <=4.7.1 |
|
|
|
| From Django Debug Mode to PII Data Leak of more than 500+ Employees due Broken Access Control and IDOR |
|
|
|
| Account Take Over (Via an API) |
|
|
|
| Holiday Hunting With Aquatone |
|
|
|
| From an Innocent api-key to PII data |
|
|
|
| How to avoid the aCropalypse |
|
|
|
| Using an Undocumented Amplify API to Leak AWS Account IDs |
|
|
|
| Getting Root - A Technical Walkthrough |
|
|
|
| Exploiting aCropalypse: Recovering Truncated PNGs |
|
|
|
| Default Credentials on Sony- Swag Time |
|
|
|
| The story of becoming a Super Admin |
|
|
|
| Remote Stealth Brute-force of Oracle Database Passwords |
|
|
|
| Bug in Netflix with my automation |
|
|
|
| JS file enumeration for bug bounty hunters |
|
|
|
| How I Earned $$$ for Excessive Data Exposure Through Directory Traversal Leads to Product Price Manipulation |
|
|
|
| How a simple IDOR impacted the data of thousands of customers of an Indian automotive giant |
|
|
|
| How I got into Nokia HOF in 5 Mins |
|
|
|
| Information Disclosure Vulnerability in Adobe Experience Manager affecting multiple companies including Microsoft, Apple, Amazon, McDonald’s and many more. |
|
|
|
writeups.xyz
/
Information Disclosure