writeups.xyz
/
Pratik Yadav (@PratikY9967)
Title
Vulnerabilities
Programs
Authors
Account Takeover: Unraveling IDOR + Stored XSS Flaws in an NFT Marketplace
IDOR
Stored XSS
Account Takeover
Undisclosed
Pratik Yadav (@PratikY9967)
HTML Injection(Unique Exploitation)
HTML Injection
Undisclosed
Pratik Yadav (@PratikY9967)
Graphql Bug to Steal Anyone’s Address
Information Disclosure
GraphQL
Undisclosed
Pratik Yadav (@PratikY9967)
Ssrf to Read Local Files and Abusing the AWS metadata
SSRF
Undisclosed
Pratik Yadav (@PratikY9967)
Payment bypass
Payment Bypass
Logic Flaw
Undisclosed
Pratik Yadav (@PratikY9967)
Page 1 of 1
writeups.xyz
/
Pratik Yadav (@PratikY9967)