| Logic Flaw: I Can Block You from Accessing Your Own Account |
|
|
|
| “Like” Bypass on Customer Reviews — €500 bounty |
|
|
|
| Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP |
|
|
|
| Abusing auto mail responders to access internal workplaces |
|
|
|
| weird bug using fake id via photoshop worth $*** |
|
|
|
| How I found a simple bug in Facebook events without any Test |
|
|
|
| CVE-2023-5480: Chrome new XSS Vector |
|
|
|
| How I Bypassed A.i. Based Facial Detection Restriction With An Intended Feature On A Photo Sharing App ? |
|
|
|
| 1 Program, 4 Business Logic Bugs and Cashing in 2300$. |
|
|
|
| Accessing deleted comment for $$: A Bug Bounty Writeup |
|
|
|
| $7000 Bounty on a Single Web Application |
|
|
|
| $9240 Bounty in 30 days Hunt Challenge |
|
|
|
| How I Exposed Instagram's Private Posts by Blocking Users |
|
|
|
| Staff and Triage can modify the initial post of a report |
|
|
|
| Privilege Escalation — Playing with the various stages of a session state |
|
|
|
| CVE-2023-29298: Adobe ColdFusion Access Control Bypass |
|
|
|
| Weakness of Integration |
|
|
|
| How we tried to book a train ticket and ended up with a databreach with 245,000 records |
|
|
|
| Mass Assignment leads to the victim’s account being inaccessible forever |
|
|
|
| OpenAI Allowed “Unlimited” Credit on New Accounts |
|
|
|
| How do I Bypass Payment when a Subscription ends so I don’t have to pay for my subscription |
|
|
|
| Git Arbitrary Configuration Injection (CVE-2023-29007) |
|
|
|
| Methodological approach to find business logic bugs |
|
|
|
| How I Manipulated My Rank on the Bugcrowd Platform |
|
|
|
| Break the Logic: Playing with product ratings on a shopping site(600$) |
|
|
|
writeups.xyz
/
Logic Flaw