writeups.xyz / Ahmed Hassan

Title	Vulnerabilities	Programs	Authors
UN United Nations Host Header Injection leads to any Full Account Takeover (ATO)	Host Header Injection Password Reset Account Takeover	United Nations	Ahmed Hassan
stored XSS and stored HTML Injection in United Nations Website	XSS HTML Injection	United Nations	Ahmed Hassan
IDOR (Insecure Direct Object Reference) leads to listing all valid Users and edit their Profiles	IDOR	Drexel University	Ahmed Hassan
XSS \| HTML Injection and File Upload Bypass in HUAWEI Subdomain	XSS HTML Injection	Huawei	Ahmed Hassan

Page 1 of 1