| Discovering 7 Open Redirect Bypasses and 3 XSS Bypasses Within a Single Program Using the Same Parameters |
|
|
|
| Apache Superset Part II: RCE, Credential Harvesting and More |
|
|
|
| A Classical Account Takeover Case via Multiple Bypasses |
|
|
|
| googlesource.com access_token leak (Awarded $7500) |
|
|
|
| Bypassing Link Sharing Protection in Messenger Kids Parent’s Control Feature | Meta Bug Bounty |
|
|
|
| Remote code execution in BIRT Viewer ≤ 4.12.0 (CVE-2023-0100) |
|
|
|
| Bypassing Safe-Redirect in Rails 7.0 |
|
|
|
| Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434) |
|
|
|
| Bypassing authorization in Google Cloud Workstations [Google VRP] |
|
|
|
| URL Validation Bypass Using Browser URI Normalization |
|
|
|
| Multiple Vulnerabilities found in Airtel Android Application |
|
|
|
| CVE-2020-0696 - Microsoft Outlook Security Feature Bypass Vulnerability |
|
|
|
| URL whitelist bypass in https://cxl-services.appspot.com |
|
|
|
| Bypassing Chrome's URL restrictions |
|
|
|
| Abusing URI Parsers for fun and profit |
|
|
|
| Bypassing WAF with incorrect proxy settings for Hunting Bugs. |
|
|
|
writeups.xyz
/
URL Validation Bypass