OAuth 2.0 Redirect URI Validation Falls Short, Literally
Bypassing Okta SSO=> HTTPS/HTTP
CSRF leads to account takeover in Yahoo!
Hacking Swagger-UI - from XSS to account takeovers
Story about more than 3.5 million PII leakage in Yahoo!!!
DOS attack in Yahoo, How i was able to deny new users from service?
Stored XSS in Yahoo mail IOS app($3500)
No Rate Limit - 2K Bounty
Bug Hunting Journey of 2019
CPDoS: Cache Poisoned Denial of Service
Accessing 2 million Verizon Pay Monthly contracts
My very first bug: a dreaded dupe and then an IDOR jackpot!
[Still work] Redirect Yahoo Subdomain XSS Reflected from americangreetings.com
Write-up - Love story, from closed as informative to $3,500 USD, XSS stored in Yahoo! iOS MaiL app
YAHOO IDOR -elimination of any comment
Yahoo — Two XSSi vulnerabilities chained to steal user information. ($750 Bounty)
RCE on Yahoo Luminate
Reflected XSS in Yahoo Subdomain ( hk.movies.yahoo.com )
How I found 2.9 RCE at Yahoo! Bug Bounty program
Source Code Analysis in YSurvey — Luminate bug
XSS In sports.tw.campaign.yahoo.net
XSS in Yahoo Subdomain
[Yahoo Bug Bounty] Unauthorized Access to Unisphere Management Server Debugging Facility on https://bf1-uaddbcx-002.data.bf1.yahoo.com/Debug/
Chaining Bugs to Steal Yahoo Contacts!
RCE Vulnerabilite in Yahoo Subdomain! ( Yahoo! RCE via Spring Engine SSTI ) By tghawkins