0
8/10
A detailed walkthrough of exploiting a blind SQL injection vulnerability in a JSON-RPC API by leveraging an IN() clause to infer boolean results through asset count variations, and bypassing WAF filters using Unicode escape sequences to extract database information.
sql-injection
blind-sqli
json-rpc
manual-exploitation
waf-bypass
bug-bounty
mysql
information-extraction
unicode-encoding
time-based-inference
TomNomNom
MySQL
0
6/10
bug-bounty
A researcher discovered a reflected XSS vulnerability in Zomato's OAuth2 authentication endpoint by enumerating subdomains and finding that user input was reflected without proper sanitization. The payload used a marquee tag with an onfinish handler and a unicode-encoded confirm() call to evade WAF filters.
reflected-xss
xss
waf-bypass
oauth-misconfiguration
subdomain-enumeration
unicode-encoding
bug-bounty
zomato
Zomato
Sudhanshu Rajbhar
secretx.zomato.com
auth2.zomato.com
Hydra
Somdev
Prateek Tiwari
CVE (HackerOne #456333)