0
3/10
bug-bounty
A security researcher documents three manual bug discoveries: information disclosure via HTTP method change (POST→GET), open redirect via protocol-relative URL bypass, and SVG-based open redirect through image upload. The writeup emphasizes logic-chain thinking over automated tools.
information-disclosure
open-redirect
method-tampering
http-method-bypass
url-bypass
svg-injection
role-based-access-control
authorization-bypass
bragging-post
Mado
Mohamed