writeups.xyz writeups.xyz / Arbaz Hussain (@ArbazKiraak)

Title Vulnerabilities Programs Authors
Stored XSS] with arbitrary cookie installation
Stealing 0Auth Token (MITM)
Bypassing Rate Limit Protection by spoofing originating IP
Improper Storage of Private Project’s Files
Pre-domain wildcard CORS Exploitation
Referer Based XSS
Stored XSS on Rockstar Game
Missing Authorization check in Facebook Pages Manager
Race Condition bypassing team limit
Self XSS to Good XSS Clickjacking
Exploiting Misconfigured CORS on popular BTC Site
Xss using dynamically generated js file
ctrl+c & ctrl+v to Steal SESSIONID
IDOR While Connecting Social Account in Hackster.io
Stealing Access Token of One-drive Integration By Chaining CSRF Vulnerability