6/10
vulnerability
A bug bounty researcher discovered an LDAP injection vulnerability in a registration form while attempting blind XSS exploitation. The server was passing unsanitized user input directly to LDAP directory operations, which was revealed through error messages about invalid directory pathnames.
ldap-injection
blind-xss
waf-bypass
input-validation
registration-form
dotnet-waf
side-channel-attack
backend-exploitation
XSS Hunter
The Web Application Hacker's Handbook
Davide Tampellini