6/10
bug-bounty
A bug bounty hunter demonstrates a union-based SQL injection attack against a private company's web application, using order-by enumeration to identify 11 vulnerable columns, extracting database version, user, OS details, and dumping table schemas via information_schema queries with encoding bypasses.
sql-injection
union-based-sqli
bug-bounty
writeup
mysql
information-schema
parameter-discovery
order-by-technique
column-enumeration
dios-attack
url-encoding-bypass
Nur A Alam Dipu