bug-bounty512
xss297
google214
rce180
microsoft174
facebook161
exploit143
account-takeover118
bragging-post117
malware112
cve102
apple102
privilege-escalation92
csrf88
authentication-bypass79
stored-xss75
open-source68
phishing67
writeup67
reflected-xss63
access-control62
web-security60
ai-agents59
ssrf55
browser53
input-validation52
dos50
reverse-engineering49
defi48
smart-contract48
cross-site-scripting48
sql-injection46
ethereum45
cloudflare43
lfi41
information-disclosure40
supply-chain39
api-security39
oauth39
react38
web337
race-condition37
web-application37
burp-suite36
tool35
ctf35
idor33
smart-contract-vulnerability33
pentest33
html-injection33
0
6/10
Security researcher discovered an authentication bypass on springboard.google.com that escalated to local file inclusion (LFI) on Google production servers, allowing reading of /proc files with admin privileges. The vulnerability was found through directory enumeration and subsequently patched; the researcher received a $13,337 bounty.
local-file-inclusion
lfi
authentication-bypass
authorization-bypass
directory-enumeration
subdomain-enumeration
google
bug-bounty
recon
wfuzz
prod-server
Google VRP
springboard.google.com
cloudsearch.google.com
Omar Espino
wfuzz
domained
masscan
SecLists
ESCAL8