| Account Takeover via improper input validation |
|
|
|
| Escalating Privileges like a Pro |
|
|
|
| Admin hijacked by Sea Surf Pirates |
|
|
|
| Cookie worth a fortune |
|
|
|
| How I XSSed Admin Account |
|
|
|
| Injecting {{6*200}} to $1200 |
|
|
|
| XSSed my way to 1000$ |
|
|
|
| Two-Factor Authentication Bypass |
|
|
|
| alert(“A tale of 3 XSS!”) |
|
|
|
| Never Stop at Banner Grabbing |
|
|
|
| Privilege Escalation to Highest Admin Privileges |
|
|
|
| Complete User Account Takeover on an Android Application |
|
|
|
| A $1000 Bounty |
|
|
|
writeups.xyz
/
Gaurav Narwani (@Gauravnarwani97)