bug-bounty495
xss287
google257
microsoft212
facebook181
rce169
apple127
exploit126
bragging-post112
account-takeover112
malware110
cve96
csrf86
privilege-escalation86
stored-xss74
authentication-bypass72
reflected-xss61
phishing59
access-control57
writeup56
web-security55
open-source55
dos52
browser52
input-validation50
defi48
ssrf48
smart-contract47
cross-site-scripting47
cloudflare45
ethereum44
sql-injection44
reverse-engineering44
supply-chain43
react43
oauth42
ai-agents41
web-application38
aws38
web337
lfi37
docker36
burp-suite36
api-security35
information-disclosure34
smart-contract-vulnerability33
html-injection33
race-condition33
idor32
vulnerability-disclosure31
0
5/10
bug-bounty
Researcher exploited CVE-2017-5638 (Apache Struts2 RCE) in a Yahoo application by discovering a vulnerable .do endpoint and bypassing the WAF using a specially crafted Content-Type header payload, earning a $5,500 bounty from Yahoo through HackerOne.
remote-code-execution
cve-2017-5638
apache-struts2
waf-bypass
bug-bounty
bragging-post
content-type-header
exploitation
recon
CVE-2017-5638
Apache Struts2
Yahoo
Selligent Messages Studio
HackerOne
Th3G3nt3lman
0
7/10
bug-bounty
A stored XSS vulnerability in InternShala.com exploited through a JSON endpoint with incorrect text/html content-type header. The attacker bypassed multiple filters (whitespace, forward slashes, alert/prompt functions, parentheses, angle brackets) using character substitution and URL encoding to inject a working XSS payload via the current_city_administrative_area_level_2 parameter.
xss
content-type-header
filter-bypass
html-injection
csrf
character-encoding
event-handler-injection
internshala
InternShala.com
Noman Shaikh