0
3/10
bug-bounty
A security researcher documents three manual bug discoveries: information disclosure via HTTP method change (POST→GET), open redirect via protocol-relative URL bypass, and SVG-based open redirect through image upload. The writeup emphasizes logic-chain thinking over automated tools.
information-disclosure
open-redirect
method-tampering
http-method-bypass
url-bypass
svg-injection
role-based-access-control
authorization-bypass
bragging-post
Mado
Mohamed