Blog view count manipulation by automated requests.
In the world of digital content, metrics like view counts play a crucial role in determining a blog’s popularity and credibility. But what…
Mar 21
Authentication Bypass Vulnerability — Impersonation on Article Comments
While interacting with https://www.example.com/article/1234# comment, I found that I can moderate some params. The comment field looks…
Mar 21
Discovering a Stored XSS: a duplicate one!
It was a quiet Sunday evening, and I was browsing my Bugcrowd account. Suddenly I found a website that deals with Entertainment. I’ve…
Feb 4
xmlrpc.php allows SSRF!
During my recent bug bounty hunting journey, I encountered a potential SSRF (Server-Side Request Forgery) vulnerability in the xmlrpc.php…
Oct 7, 2024
Hijacking User Privileges: The Story of a Patched Vulnerability in Open Bug Bounty
After enjoying a day of festivities and relaxation with friends on Eid-ul-Adha, I was feeling the effects of a hearty meal. As the evening…
Aug 8, 2024
Reflected HTML injection leads to redirection and what’s not!
I was mentally disturbed and navigating to HackerOne and Bugcrowd after almost 7 days of internet blackout in Bangladesh. I decided to hack…
Aug 6, 2024
Bypassing 403 leads to authentication token bypass and access internal resources.
I think you can’t learn anything from my blog!
Aug 1, 2024