bug-bounty498
google349
xss301
microsoft292
facebook262
rce211
exploit199
malware169
apple161
cve136
account-takeover115
bragging-post102
privilege-escalation95
csrf90
phishing86
browser75
writeup74
authentication-bypass69
supply-chain67
dos66
stored-xss65
reflected-xss57
ssrf56
reverse-engineering55
react52
access-control52
input-validation49
cross-site-scripting48
cloudflare47
aws47
docker46
lfi46
web-security46
sql-injection45
smart-contract45
web-application44
ethereum44
web343
oauth43
defi43
ctf43
node42
pentest39
open-source39
race-condition39
idor37
cloud37
burp-suite36
info-disclosure36
auth-bypass35
0
7/10
tutorial
Educational article explaining race condition vulnerabilities in web applications, particularly in financial systems, with real-world examples including the Starbucks gift card exploit where attackers could generate unlimited credit by sending concurrent transfer requests to bypass balance checks.
race-condition
time-of-check-time-of-use
concurrency-vulnerability
banking-security
financial-fraud
access-control
vulnerability-exploitation
web-application-security
synchronization
resource-locking
Egor Homakov
Starbucks
Vickie Li