All Bug Bounty POC write ups by Security Researchers.
Hello BugBountyPoc viewers, this is Khizer again, I decided to Write about this Issue because I have seen some people are still confused about “Fastly error: unknown domain” Many Subdomains of BugBounty programs have This error...
Hello BugBountyPoc viewers, This is SaadAhmed a security researcher. This is my 1st write-up hope you all will forgive all mistakes. Today i’ll write about the misconfigure aws s3 buckets that i found on...
Vine User Private information disclosure – BugBountyPOC This post is published by Prial Islam as a contributor on BugBountyPOC .Note that the post is written by Prial Islam, & any mistake in writing will be entertained...
Exploiting Insecure Cross Origin Resource Sharing – BugBountyPOC This post is published by Muhammad Khizer Javed as a contributor on BugBountyPOC .Note that the post is written by Muhammad Khizer Javed, & any mistake...
Hey There, I hope you guys doing great out there. While i was hunting Instacart , I found that any user from whom a list is shared via link or any random list is...
Hello Users, While i was working around with sentry which is an Public Program over hackerone i found that i was able to escalate myself from manager to admin. An admin is only person...
Hello Users, While i was pentesting Coinbase I noticed that while creating Recurring payment meanwhile when 2FA is enabled it asks a user to enter verification code. So when someone confirm the recurring payment...
Description The restore capability of Nextcloud was not verifying whether an user has only read-only access to a share. Thus an user with read-only access was able to restore old versions. Affected Software Nextcloud...
Hey Users…. I Found Something Unusual While I Was Working With username.bime.io I Noticed When An Admin Adds A New Admin Lets Name Him X . So After Creating A New User Admin Can...
SSRF Bypass in private website – Bug Bounty POC Hello BugBountyPoc viewers it’s been while we did not post poc on BugBountyPoc becuase of we are busy in our new porject of forum where...
PushWoosh – Sensitive Information Leakage via Referrer Header This post is published by Matthew Temmy as a contributor on Bug Bounty POC .Note that the post is written by Matthew Temmy, & any mistake...
