Corben Leo (@Hacker_) | writeups.xyz

Title	Vulnerabilities	Programs	Authors
A $1,000,000 bounty? The KuCoin User Information Leak	Information Disclosure Zendesk Broken Authorization Security Misconfiguration	Undisclosed	Corben Leo (@Hacker_)
A Simple SQL Injection in an Air Force Website	SQL Injection	U.S. Dept of Defense	Corben Leo (@Hacker_)
Exposed Jenkins to RCE on 8 Adobe Experience Managers	RCE Exposed Jenkins Instance	Undisclosed	Corben Leo (@Hacker_)
"CI Knew There Would Be Bugs Here" — Exploring Continuous Integration Services as a Bug Bounty Hunter	Information Disclosure CI/CD	Undisclosed	EdOverflow (@EdOverflow) Justin Gardner (@Rhynorater) Corben Leo (@Hacker_) Karim Rahal (@KarimPwnz) Streaak (@Streaak) D0nut (@D0nutptr) BBAC
XSS to XXE in Prince v10 and below (CVE-2018-19858)	XSS XXE	Undisclosed	Corben Leo (@Hacker_)
Chaining Bugs to Steal Yahoo Contacts!	CORS Misconfiguration XSS	Yahoo! / Verizon Media	Corben Leo (@Hacker_)
Hacking the Hackers: Leveraging an SSRF in HackerTarget	SSRF	HackerTarget	Corben Leo (@Hacker_)
SQL Injection in rog.asus.com	SQL Injection Security Code Review	Asus	Corben Leo (@Hacker_)
Tricky CORS Bypass in Yahoo! View	CORS Misconfiguration	Yahoo! / Verizon Media	Corben Leo (@Hacker_)
Stored XSS in Bandcamp	Stored XSS	Bandcamp	Corben Leo (@Hacker_)
Remote Code Execution in AT&T	RCE SSTI Components With Known Vulnerabilities	AT&T	Corben Leo (@Hacker_)

Page 1 of 1