| Small bugs are more dangerous than you think |
|
|
|
| Party time: Injecting code into Teleparty extension |
|
|
|
| Open Redirect via Sendgrid Email Misconfiguration |
|
|
|
| A Tale of Open Redirection to Stored XSS |
|
|
|
| What I Found on Sony Vulnerability Disclosure Program |
|
|
|
| A technique to semi-automatically find vulnerabilities in WordPress plugins |
|
|
|
| Bug Hunting Journey of 2021 |
|
|
|
| Open Redirection - QR Code Magic |
|
|
|
| Open Redirect Vulnerability On Zapier: An Accidental Find |
|
|
|
| SONY Hunting I: Discovering Hidden Parameters (5x SWAG) |
|
|
|
| How I got $500 with Open redirect |
|
|
|
| Eye for an eye: Unusual single click JWT token takeover |
|
|
|
| 1st Bug Bounty WriteUp: Open Redirect To XSS on Login Page |
|
|
|
| How I found Open Redirect on Hashnode.com |
|
|
|
| Chaining Open Redirect with XSS to Account Takeover |
|
|
|
| How I could have hacked your medium account by phishing your FB, Twitter & Google credentials. |
|
|
|
| Hacking Xiaomi'S Android Apps - Part 1 |
|
|
|
| Exploiting Open Redirect - Whitelist Bypass Using Salesforce Environment |
|
|
|
| Facebook account takeover due to unsafe redirects after the OAuth flow |
|
|
|
| From Wayback Machine To Account Takeover |
|
|
|
| AWS internal metadata accessed through SSRF by Chaining an Open Redirect bug |
|
|
|
| Got Nice catch by Google |
|
|
|
| Playing With iframes: Bypassing Content-Security-Policy |
|
|
|
| Facebook account takeover due to a bypass of allowed callback URLs in the OAuth flow |
|
|
|
| How I made to Paypal Bug Bounty $750 |
|
|
|
writeups.xyz
/
Open Redirect