Writeups

SAP HoF

NASA HoF

Broken Access Control

Top 1 at Alshaya VDP

Broken Access Control +2

Weak Password Recovery Leads To Account TakeOver

Exposed Server Health Debug

Sensitive Information Disclosure Through Config File

Bypass email verification

Information Disclosure

Exposed GIT repository

CSRF To Account Takeover

CSRF To Stored HTML injection

Reflected XSS

HTML Injection

Open Redirect

Reflected XSS +2