Skip to content

Commit 9d4df13

Browse files
bribesbribes
authored
Batch
1 parent bb74b0f commit 9d4df13

File tree

1 file changed

+10
-1
lines changed

1 file changed

+10
-1
lines changed

writeups.csv

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ date,bounty,title,url,author,author-url,type,tweeted,archive-url
2929
2020-06-28,3000,Taking over Azure DevOps Accounts with 1 Click,https://www.assetnote.io/resources/research/taking-over-azure-devops-accounts-with-1-click,Sean Yeoh,https://x.com/seanyeoh,blog,false,?
3030
2020-07-04,?,How I got hall of fame in Microsoft,https://medium.com/@noneofyou/how-i-got-hall-of-fame-in-microsoft-9b507dec3860,Akash basnet,https://medium.com/@noneofyou,blog,false,?
3131
2020-07-05,?,Taking Over Files in a chat —IDOR in Microsoft Teams,https://medium.com/@alyanwar/taking-over-files-in-a-chat-idor-in-microsoft-teams-e5289c2efd0,Aly Anwar,https://x.com/alyanwarr,blog,false,?
32-
2020-11-15,?,Microsoft Bug Bounty Writeup – Stored XSS Vulnerability,https://www.pethuraj.com/blog/microsoft-bug-bounty-writeup-stored-xss-vulnerability/,Pethuraj,https://x.com/Pethuraj,blog,false,?
32+
2020-11-15,0,Microsoft Bug Bounty Writeup – Stored XSS Vulnerability,https://www.pethuraj.com/blog/microsoft-bug-bounty-writeup-stored-xss-vulnerability/,Pethuraj,https://x.com/Pethuraj,blog,false,?
3333
2021-01-10,2000,Unauthorized Access to OData Entities + $2K Bounty From Microsoft,https://infosecwriteups.com/unauthorized-access-to-odata-entities-2k-bounty-from-microsoft-e070b2ef88c2,Borna Nematzadeh,https://x.com/LogicalHunter,blog,false,?
3434
2021-01-22,10000,"$10,000 for automatic email confirmation bug in Microsoft’s Edge browser",https://0xkaran.medium.com/10-000-for-automatic-email-confirmation-bug-in-microsofts-edge-browser-22f15ceccb4a,Karan Chaudhary,https://x.com/0xkaran,blog,false,?
3535
2021-02-15,30000,"I Own your Cloud Shell: Taking over “Azure Cloud Shell” Kubernetes Cluster Through Unsecured Kubelet API 30,000$ Bounty",https://hencohen10.medium.com/i-own-your-cloud-shell-taking-over-azure-cloud-shell-kubernetes-cluster-through-unsecured-558621519cf9,Chen Cohen,https://x.com/chencococococo,blog,false,?
@@ -97,3 +97,12 @@ date,bounty,title,url,author,author-url,type,tweeted,archive-url
9797
2025-09-16,20000,Cross-Tenant Access Exploit in Microsoft Entra ID: Breaking Governance with a simple trick,https://medium.com/@bashir69emceeaka5/cross-tenant-access-exploit-in-microsoft-entra-id-breaking-governance-with-a-simple-trick-a06d88fe309e,Bashir Mohamed (BlackPanther87),https://x.com/Panther82Black,blog,false,?
9898
2025-09-17,?,One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens,https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/,Dirk-jan Mollema,https://x.com/_dirkjan,blog,false,?
9999
2025-10-08,0,"Microsoft Events Leak, Part I: Leaking Event Registration and Waitlist Databases",https://blog.faav.top/microsoft-events-leak-part-i,Faav,https://x.com/efaav,blog,false,?
100+
2023-05-28,0,How I Found Stored XSS + HTML Injection Vulnerability on Microsoft,https://cybersecuritywriteups.com/how-i-found-stored-xss-html-injection-vulnerability-on-microsoft-6b8682c03680,Abdul Rehman Parkar,https://x.com/abdulrehmanprkr,blog,false,?
101+
2023-05-28,0,Microsoft Azure User Active Directory Invitation Spoofing Vulnerability,https://cybersecuritywriteups.com/azure-user-invitation-spoofing-vulnerability-656cd543b13f,Abdul Rehman Parkar,https://x.com/abdulrehmanprkr,blog,false,?
102+
2023-07-12,0,Story of Clickjacking on Microsoft Leads To Privilege Escalation & Account Takeover Of Admin,https://cybersecuritywriteups.com/story-of-clickjacking-in-microsoft-leads-to-privilege-escalation-account-takeover-of-admin-a04453ed47fc,Abdul Rehman Parkar,https://x.com/abdulrehmanprkr,blog,false,?
103+
2021-12-10,5000,Remote Deserialization Bug in Microsoft's RDP Client through Smart Card Extension (CVE-2021-38666),https://blog.thalium.re/posts/deserialization-bug-through-rdp-smart-card-extension/,Valentino Ricotta,https://x.com/face0xff,blog,false,?
104+
2022-08-18,30000,Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS!,https://blog.orange.tw/posts/2022-08-lets-dance-in-the-cache-destabilizing-hash-table-on-microsoft-iis/,Orange Tsai,https://x.com/orange_8361,blog,false,?
105+
2022-01-16,0,I FOUND information disclosure Vulnerability at Microsoft Subdomain,https://medium.com/@botami143/i-found-idor-vulnerability-at-microsoft-subdomain-b89b8777bf8d,Bot Ami,https://x.com/Botami143,blog,false,?
106+
2022-03-12,0,"I have Found Microsoft Subdomain Website database list, database username, password",https://medium.com/@botami143/i-have-found-microsoft-subdomain-website-database-list-database-username-password-1dab07d0c8ea,Bot Ami,https://x.com/Botami143,blog,false,?
107+
2018-07-19,0,How I was able to delete 13k+ Microsoft Translator projects,https://haiderm.com/how-i-was-able-to-delete-13k-microsoft-translator-projects/,Haider Mahmood,https://haiderm.com/whoami/,blog,false,?
108+
2021-08-26,40000,Critical Vulnerability in Microsoft Azure Cosmos DB,https://chaosdb.wiz.io/,Wiz,https://x.com/wiz_io,blog,false,?

0 commit comments

Comments
 (0)