This writeup is about how I made into the BMW Security Experts Acknowledgment page by finding Account verification bypass flaw.
This blog is about the write up on Microsoft on how I was able to perform Stored XSS Vulnerability on one of the subdomains of Microsoft.
This is a write-up about the XSS Vulnerability which I found on the BBC website. I came across BBC’s Bug Bounty program and decided to give a try. I picked http://www.worldservicepartners.bbc.co.uk/ as my target (domain unavailable, as BBC terminated the domain recently). On visiting the domain, there was a login page but there’s no registration […]
Google Bug Bounty Writeup XSSS Vulnerability explaining how I could able to pop an XSS on Google’s portal.
HTTP response header injection vulnerabilities arise when user-supplied data is reflected into a response header in an unsafe way. The host header specifies which website or web application should process an incoming HTTP request. Host header attack possible, an attacker can manipulate the Host header as seen by the web application and cause the application […]