| Taking over Uber accounts through voicemail |
|
|
|
| IDOR Leads To Leak Any Uber Eats Restaurant Analytics |
|
|
|
| The easiest $2500 I got it from bug bounty program |
|
|
|
| Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies |
|
|
|
| Bug Hunting Stories: Schneider Electric & The Andover Continuum Web.Client |
|
|
|
| How dangerous is Request Splitting, a vulnerability in Golang or how we found the RCE in Portainer and hacked Uber |
|
|
|
| I Could Have Hacked All Uber Accounts- But I Chose to Report it Instead |
|
|
|
| H1-4420: From Quiz to Admin - Chaining Two 0-Days to Compromise An Uber Wordpress |
|
|
|
| Old but GOLD Dot Dot Slash to Get the Flag — Uber Microservice |
|
|
|
| Exploiting Google Calendars |
|
|
|
| Leakage of Client Secret, Server tokens of all Uber developer applications |
|
|
|
| Gaining access to Uber's user data through AMPScript evaluation |
|
|
|
| [BBP系列三] Hijack the JS File of Uber's Website |
|
|
|
| How I Discovered XSS that Affects around 20 Uber Subdomains |
|
|
|
| Applying a small bypass to steal Facebook Session tokens in Uber |
|
|
|
| How I XSS’ed Uber and Bypassed CSP |
|
|
|
| Another "TicketTrick" story |
|
|
|
| Should this be public though? |
|
|
|
| Here’s how I could’ve ridden for free with Uber |
|
|
|
| UBER Wildcard Subdomain Takeover | BugBounty POC |
|
|
|
| DOM XSS – auth.uber.com |
|
|
|
| Uber Bug Bounty: Gaining Access To An Internal Chat System |
|
|
|
| This domain is my domain — G Suite A record vulnerability |
|
|
|
| My write up about UBER Cross-site scripting by help of KNOXSS |
|
|
|
| Uber XSS via Cookie |
|
|
|
writeups.xyz
/
Uber