Saad Ahmed (@XSaadAhmedX)

Title	Vulnerabilities	Programs	Authors
Exploiting Auto-save Functionality To Steal Login Credentials	HTML Injection	Undisclosed	Saad Ahmed (@XSaadAhmedX)
Weaponizing XSS For Fun & Profit	XSS CSRF	Undisclosed	Saad Ahmed (@XSaadAhmedX)
Bypassing CORS	CORS Misconfiguration	Undisclosed	Saad Ahmed (@XSaadAhmedX)
Bypass CSRF With ClickJacking Worth $1250	CSRF Clickjacking	Undisclosed	Saad Ahmed (@XSaadAhmedX)
Accidental IDOR	IDOR	Undisclosed	Saad Ahmed (@XSaadAhmedX)
Self XSS To Evil XSS	XSS	Undisclosed	Saad Ahmed (@XSaadAhmedX)
SQl Injection	SQL Injection	Undisclosed	Saad Ahmed (@XSaadAhmedX)
Account Takeover Worth $900	Account Takeover CSRF	Undisclosed	Saad Ahmed (@XSaadAhmedX)
Complete Web Server Access	Unrestricted File Upload RCE	Undisclosed	Saad Ahmed (@XSaadAhmedX)
IDOR — Account Takeover	IDOR	Undisclosed	Saad Ahmed (@XSaadAhmedX)

Page 1 of 1