| Impact of an Insecure DeepLink |
|
|
|
| Impact of an Insecure Deep Link |
|
|
|
| One Endpoint, Two Account Takeovers |
|
|
|
| RCE On A Laravel Private Program |
|
|
|
| Taking down the SSO, Account Takeover in the Websites of Kolesa due to Insecure JSONP Call |
|
|
|
| Story of a 2.5k Bounty — SSRF on Zimbra Led to Dump All Credentials in Clear Text |
|
|
|
| 1-Click Account Takeover in Virgool.io — a Nice Case Study |
|
|
|
| Adminer Script Results to Pwning Server?, Private Bug Bounty Program |
|
|
|
| Latex to RCE, Private Bug Bounty Program |
|
|
|
writeups.xyz
/
Yashar Shahinzadeh (@YShahinzadeh)