| Bypassing ACLs – IDOR exploitation via HPP |
|
|
|
| OAuth 2.0 Redirect URI Validation Falls Short, Literally |
|
|
|
| Backend Parameter Injection --> RCE |
|
|
|
| Exploiting Parameter Pollution in Golang Web Apps |
|
|
|
| HTTP Parameter Pollution - It’s Contaminated Again |
|
|
|
| Parameter Pollution - Zero Day |
|
|
|
| Bypass Google Captcha+Parameter Pollution Leads to send email to any user on behalf of “Organization” with any desired content |
|
|
|
| XSS Through Parameter Pollution |
|
|
|
| Bad regex used in Facebook Javascript SDK leads to account takeovers in websites that included it |
|
|
|
| Hacking — Tamper with the URL Parameters, especially if they modify the page |
|
|
|
| HTTP Parameter Pollution - It’s Contaminated |
|
|
|
| How i Unlocked the blocked accounts? |
|
|
|
| Tale of Account Takeovers (Part-1) |
|
|
|
| Parameter Pollution issue in API resulting $XXX |
|
|
|
| From parameter pollution to XSS |
|
|
|
| #BugBounty - Compromising User Account- "How I was able to compromise user account via HTTP Parameter Pollution(HPP)" |
|
|
|
| reCAPTCHA bypass via HTTP Parameter Pollution |
|
|
|
| How I earned 60K+ from private program |
|
|
|
| Parameter pollution bug at twitter |
|
|
|
writeups.xyz
/
HTTP Parameter Pollution