Any user can edit any list.
Hey There, I hope you guys doing great out there. While i was hunting Instacart , I found that any user from whom a list is shared via link or any random list is...
Bug Bounty POC
Burp suite v1.6 pro+crack
Burp suite v1.6 pro crack valid till 3 dec 2099 Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing...
Privilege Escalation From Manager To Admin.
Hello Users, While i was working around with sentry which is an Public Program over hackerone i found that i was able to escalate myself from manager to admin. An admin is only person...
Coinbase Partial 2FA Bypass On Enabling Recurring Payments.
Hello Users, While i was pentesting Coinbase I noticed that while creating Recurring payment meanwhile when 2FA is enabled it asks a user to enter verification code. So when someone confirm the recurring payment...
Read-only share recipient can restore old versions of file.
Description The restore capability of Nextcloud was not verifying whether an user has only read-only access to a share. Thus an user with read-only access was able to restore old versions. Affected Software Nextcloud...
Non-Deletable Co-Admin Due To Change Name Functionality
Hey Users…. I Found Something Unusual While I Was Working With username.bime.io I Noticed When An Admin Adds A New Admin Lets Name Him X . So After Creating A New User Admin Can...
SSRF Bypass in private website
SSRF Bypass in private website – Bug Bounty POC Hello BugBountyPoc viewers it’s been while we did not post poc on BugBountyPoc becuase of we are busy in our new porject of forum where...
PushWoosh – Sensitive Information Leakage via Referrer Header
PushWoosh – Sensitive Information Leakage via Referrer Header This post is published by Matthew Temmy as a contributor on Bug Bounty POC .Note that the post is written by Matthew Temmy, & any mistake...
A Unique way to send emails from hackerone support
A Unique way to send emails from hackerone support – Bug Bounty POC I hope all of you once reached out at hackerone support, if you have some support tickets which are solved then...
Ddos Website Using Image
This post is published by Mubassir Kamdar as a contributor on Bug Bounty POC .Note that the post is written by Mubassir Kamdar, & any mistake in writing will be entertained only from him...
Open URL Redirection and Xss In Dato Capital
This post is published by Ahsan Tahir as a contributor on Bug Bounty POC .Note that the post is written by Ahsan Tahir, & any mistake in writing will be entertained only from him...
