← All writings
#bounty 17 posts
16 Jul 2015 Shopify: Remote Code Execution #Shopify#RCE#Bounty 15 Oct 2014 HackerOne Vulnerability: Leaking Common Response Titles #HackerOne#Disclosure#Bounty 08 Aug 2014 Facebook FriendFeed Stored XSS #Facebook#XSS#Bounty 08 Aug 2014 Facebook MailChimp Application OAuth 2.0 Misconfiguration #Facebook#MailChimp#OAuth 27 Mar 2014 Flipkart.com - Elevation of Privilege #Flipkart#PrivEsc#Bounty 18 Feb 2014 SSRF/XSPA in MailChimp #MailChimp#SSRF#Bounty 21 Sep 2013 PayPal CSRF aids in account takeover! #PayPal#CSRF#Takeover 13 Jun 2013 Pwning Facebook accounts, taking a little help from Quora #Facebook#Quora#Takeover 21 May 2013 Dropbox for Business Mailing List Unsubscribe Users (Permission Issue) #Dropbox#Authorization#Bounty 16 May 2013 Dropbox Team Website Open Redirection #Dropbox#Redirect#Bounty 04 May 2013 Google Website Translator (Add Editor) CSRF and Google Tasks Clickjacking #Google#CSRF#Clickjacking 12 Mar 2013 File Upload Bug in PayPal's BillMeLater #PayPal#Upload#Bounty 21 Feb 2013 Facebook Whitehat Vulnerability for 2013: Open Redirection in Facebook Mobile #Facebook#Redirect#Bounty 29 Jan 2013 Blind SQL Injection in PayPal Notifications #PayPal#SQLi#Bounty 18 Oct 2012 Twitter Whitehat Vulnerability for 2012: Translation Center CSRF/XSRF #Twitter#CSRF#Bounty 12 Oct 2012 Adobe Website XSS and Open Redirect Vulnerabilities #Adobe#XSS#Redirect 15 Aug 2012 Google Website Translator Clickjacking Vulnerability #Google#Clickjacking#Bounty