XSS using a username
XSS triggered by exploiting a vulnerable input field of a signup page.
Nov 14, 2022

Escalating SSTI to Reflected XSS using curly braces { }
SSTI -> Self XSS -> RXSS
Sep 24, 2022

Unsubscribe any user’s e-mail notifications via IDOR
IDOR allows an attacker to unsubscribe any user from the website's email service.
Aug 28, 2022

Business Logic Vulnerability via IDOR
Exploiting a Logic Vuln via IDOR. #Bugbounty
Aug 15, 2022

File Upload Bypass to RCE == $$$$
Multiple ways to bypass a file upload feature and chain it to an RCE.
Aug 12, 2022

Browser Extensions which have landed $$$ !
What’s up everybody. My name is Sagar Sajeev.
Aug 12, 2022

Server Side Template Injection-Something Distinct!
How’s it going guys! My name is Sagar Sajeev and this is my writeup about one of my recent SSTI (Server Side Template Injection) findings.
Aug 4, 2022

Business Logic Vulnerabilities == $$$
According to OWASP, Business Logic Vulnerabilities are ways of using the legitimate processing flow of an application in a way that…
Jul 29, 2022