Ahmad Halabi (@Ahmad_Halabi_)

Title	Vulnerabilities	Programs	Authors
The ART of Chaining Vulnerabilities	Android WAF Bypass Bruteforce Hardcoded Credentials RCE	Undisclosed	Ahmad Halabi (@Ahmad_Halabi_)
From Revealing Emails to Taking Over Accounts (Hacking Telecom)	OTP Bypass Password Reset HTTP Response Manipulation Account Takeover	Undisclosed	Ahmad Halabi (@Ahmad_Halabi_)
PII Disclosure of Apple Users ($10k)	IDOR Lack of Rate Limiting Bruteforce Information Disclosure	Apple	Ahmad Halabi (@Ahmad_Halabi_)
Simple HTML Injection to $250	Account Takeover Mass Assignment	Undisclosed	Ahmad Halabi (@Ahmad_Halabi_)
RCE via Internal Access to Adminer Database Management (Critical)	RCE	Undisclosed	Ahmad Halabi (@Ahmad_Halabi_)
Finding Hidden Login Endpoint Exposing Secret `Client ID`	Information Disclosure	Undisclosed	Ahmad Halabi (@Ahmad_Halabi_)
Secret Key Exposure in API Config Directory	Information Disclosure	Undisclosed	Ahmad Halabi (@Ahmad_Halabi_)
Chaining Multiple Requests to Achieve Rate Limiting Vulnerabilities	Rate Limiting Bypass	Undisclosed	Ahmad Halabi (@Ahmad_Halabi_)

Page 1 of 1