Abdullah Hussam (@Abdulahhusam)

Title	Vulnerabilities	Programs	Authors
Take Advantage of Out-of-Scope Domains in Bug Bounty Programs	XSS	Undisclosed	Abdullah Hussam (@Abdulahhusam)
Leaking WordPress CSRF Tokens for Fun, $1337 bounty, and CVE-2017-5489	CSRF	WordPress	Abdullah Hussam (@Abdulahhusam)
Leaking Amazon.com CSRF Tokens Using Service Worker API	CSRF	Amazon	Abdullah Hussam (@Abdulahhusam)
Medium Content Spoofing Leads to XSS	Content Spoofing Stored XSS	Medium	Abdullah Hussam (@Abdulahhusam)
Leak Private Videos [Vimeo Bug Bounty]	Logic Flaw Broken Authorization	Vimeo	Abdullah Hussam (@Abdulahhusam)
Vine Re-auth Bypass [Twitter Bug Bounty]	Broken Authentication	Twitter	Abdullah Hussam (@Abdulahhusam)
Medium Full Account Takeover By One Click	XSS	Medium	Abdullah Hussam (@Abdulahhusam)
How I Hacked [Oculus] OAuth +Ebay +IBM	Unrestricted File Upload XSS	Meta / Facebook Ebay IBM AnswerHub	Abdullah Hussam (@Abdulahhusam)
Cloudflare WAF XSS	XSS	Cloudflare	Abdullah Hussam (@Abdulahhusam)
One Payload to XSS Them All!	Flash XSS	Adobe	Abdullah Hussam (@Abdulahhusam)
Blind SQL Inejction [Hootsuite]	Blind SQL Injection	Hootsuite	Abdullah Hussam (@Abdulahhusam)
Flickr XSRF to Change Photo Details	XSRF	Flickr	Abdullah Hussam (@Abdulahhusam)

Page 1 of 1