Discovering a Stored XSS: a duplicate one!It was a quiet Sunday evening, and I was browsing my bugcrowd account. Suddenly I found a website that deals with Entertainment. I’ve…Feb 4Feb 4
xmlrpc.php allows SSRF!During my recent bug bounty hunting journey, I encountered a potential SSRF (Server-Side Request Forgery) vulnerability in the xmlrpc.php…Oct 7, 20241Oct 7, 20241
Hijacking User Privileges: The Story of a Patched Vulnerability in Open Bug BountyAfter enjoying a day of festivities and relaxation with friends on Eid-ul-Adha, I was feeling the effects of a hearty meal. As the evening…Aug 8, 2024Aug 8, 2024
Reflected HTML injection leads to redirection and what’s not!I was mentally disturbed and navigating to hackerone and bugcrowd after almost 7 days of internet blackout in Bangladesh. I decided to hack…Aug 6, 2024Aug 6, 2024
Bypassing 403 leads to authentication token bypass and access internal resources.I think you can’t learn anything from my blog!Aug 1, 2024Aug 1, 2024
My First Bug!!!Stored Cross Site Scripting(XSS)It was about 6 months ago. I was totally depressed for my semester final exam. I was so depressed that I stopped studying before 3 hours of…Jul 12, 2024Jul 12, 2024