Mahmoud Gamal (@Zombiehelp54)

Title	Vulnerabilities	Programs	Authors
Exploits Explained: Permission misconfiguration within Salesforce JavaScript Remoting tokens used for Apex Controllers	Salesforce Security Misconfiguration Broken Access Control	Undisclosed	Mahmoud Gamal (@Zombiehelp54)
SQL Injection: Utilizing XML Functions in Oracle and PostgreSQL to bypass WAFs	SQL Injection WAF Bypass	Undisclosed	Mahmoud Gamal (@Zombiehelp54)
Weblogic Remote Code Execution (Exploiting CVE-2019-2725)	RCE	Undisclosed	Mahmoud Gamal (@Zombiehelp54)
Exploiting Out Of Band XXE using internal network and php wrappers	XXE	Undisclosed	Mahmoud Gamal (@Zombiehelp54)
Handlebars template injection and RCE in a Shopify app	SSTI RCE	Shopify	Mahmoud Gamal (@Zombiehelp54)
SQL Injection and A silly WAF	SQL Injection	Undisclosed	Mahmoud Gamal (@Zombiehelp54)
Let’s steal some tokens!	CSRF XSS Account Takeover	Google Shopify	Mahmoud Gamal (@Zombiehelp54)
SQL injection in an UPDATE query - a bug bounty story!	SQL Injection	Undisclosed	Mahmoud Gamal (@Zombiehelp54)
XSS vulnerability in Google image search	XSS	Google	Mahmoud Gamal (@Zombiehelp54)

Page 1 of 1