bug-bounty413
xss277
google249
microsoft215
facebook191
apple139
rce124
malware101
bragging-post92
account-takeover88
exploit86
csrf73
cve70
authentication-bypass67
privilege-escalation60
access-control53
phishing48
defi48
dos47
smart-contract47
ethereum44
writeup44
open-source43
supply-chain42
ssrf42
cloudflare42
sql-injection41
browser40
web339
stored-xss39
aws37
web-security36
docker36
input-validation36
ai-agents35
api-security34
smart-contract-vulnerability33
reverse-engineering32
react32
information-disclosure31
idor31
burp-suite30
oauth29
denial-of-service29
cross-site-scripting29
node28
reflected-xss28
race-condition27
web-application27
clickjacking25
0
6/10
bug-bounty
A bug bounty hunter demonstrates a union-based SQL injection attack against a private company's web application, using order-by enumeration to identify 11 vulnerable columns, extracting database version, user, OS details, and dumping table schemas via information_schema queries with encoding bypasses.
sql-injection
union-based-sqli
bug-bounty
writeup
mysql
information-schema
parameter-discovery
order-by-technique
column-enumeration
dios-attack
url-encoding-bypass
Nur A Alam Dipu