Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
Continuing the Citrix Saga: CVE-2023-5914 & CVE-2023-6184
ALWAYS test 404 Not Found in Bug Bounties!
Leaked SQL Error Leading To XSS And Another BSQLi
How I found RXSS in Facebook, Twitter and Google training academy
Stealing private messages using XSS on subdomain
Multiple RXSS
Remote Code execution at ws1.aholdusa.com — Compromising logins of Ahold Delhaize USA employees for >3.5 years (or even 18 years?)
pfSense Security: Sensing Code Vulnerabilities with SonarCloud
$7000 Bounty on a Single Web Application
$9240 Bounty in 30 days Hunt Challenge
Technical Advisory: Vulnerabilities Identified within ListServ
You can add extra zeroes. XSS bypass on a private bug bounty program
One Bug at a Time: $1,500 worth of XSS
The Not So Pleasant Password Manager
Azure HDInsight Riddled With XSS Vulnerabilities via Apache Services
My First Bug: How I Was Able to Bypass the WAF and Uncover a Reflected XSS
Desperate XSS
Reversing Citrix Gateway for XSS
Reflected XSS Injection & Permanent Open Redirection
Multiple vulnerabilities in Delmia Apriso 2017 to 2022
Finding XSS in a million websites (cPanel CVE-2023-29489)
Uncovering a Critical Vulnerability: My Journey of Discovering CVE-2021–31589, a Reflected XSS in LinkedIn
Popping Tags: Exploiting Template Injections in PRTG Network Monitor
Anatomy of a Reflected XSS: My Discovery on a Microsoft’s Subdomain