| How i made 15k$ from Remote Code Execution Vulnerability |
|
|
|
| My first bounty, IDOR + Self XSS [€3000] |
|
|
|
| AWS SageMaker Jupyter Notebook Instance Takeover |
|
|
|
| chaining bugs from self XSS to account takeover |
|
|
|
| How I escalate my Self-Stored XSS to Account Takeover with the help of IDOR |
|
|
|
| Escalating Self-XSS To Stored XSS via Image injection + IDOR |
|
|
|
| Self-XSS to rXSS via Uploaded File Name |
|
|
|
| Chaining a self XSS to Account Takeover |
|
|
|
| Cookie Tossing to RCE on Google Cloud JupyterLab |
|
|
|
| Story of the best vulnerability I’ve found so far… |
|
|
|
| How I leveraged an interesting CSRF vulnerability to turn self XSS into a persistent attack? |
|
|
|
| From P5 to P2, from nothing to 1000+$ |
|
|
|
| Always escalate! From Self-XSS to Persistent XSS on Login Portal |
|
|
|
| Google Ads Self-XSS & Html Injection $5000 |
|
|
|
| My First Bounty From Google. |
|
|
|
| Exploiting a Self Stored XSS with an IDOR |
|
|
|
| How I turned Self XSS to Stored via CSRF |
|
|
|
| The AccountTakeOver Killing Chain |
|
|
|
| self XSS to stored XSS [ think out the box] |
|
|
|
| Turning Self XSS to good XSS via access control |
|
|
|
| Self-XSS + CSRF to Stored XSS |
|
|
|
| Chaining Self XSS with UI Redressing is Leading to Session Hijacking (PWN users like a boss) |
|
|
|
writeups.xyz
/
Self-XSS