| 5129 | Parameter pollution bug at twitter |
HTTP parameter pollution |
Twitter |
Mert (@mertistaken) |
Bug Bounty | 2016-10-12 | 2023-06-13 |
| 4783 | How I earned 60K+ from private program |
Open redirect
Subdomain takeover
XSS
HTTP parameter pollution |
NA |
Siva Krishna Samireddi (@le4rner) |
Bug Bounty | 2018-04-25 | 2023-06-13 |
| 4752 | reCAPTCHA bypass via HTTP Parameter Pollution |
Captcha bypass
HTTP parameter pollution |
Google |
Andres Riancho (@AndresRiancho) |
Bug Bounty | 2018-05-28 | 2023-06-13 |
| 4699 | #BugBounty - Compromising User Account- "How I was able to compromise user account via HTTP Parameter Pollution(HPP)" |
HTTP parameter pollution
Password reset
Account takeover |
NA |
Avinash Jain (@logicbomb_1) |
Bug Bounty | 2018-07-07 | 2023-06-13 |
| 4152 | From parameter pollution to XSS |
HTTP parameter pollution
XSS |
NA |
Mo%27men Basel |
Bug Bounty | 2019-05-16 | 2023-06-13 |
| 4096 | Parameter Pollution issue in API resulting $XXX |
HTTP parameter pollution |
NA |
Smaran Chand (@smaranchand) |
Bug Bounty | 2019-06-17 | 2023-06-13 |
| 3653 | Tale of Account Takeovers (Part-1) |
Account takeover
HTTP parameter pollution
Password reset
OTP bypass |
NA |
Vijaysimha Reddy Bathini (@fatratfatrat) |
Bug Bounty | 2020-02-22 | 2023-06-13 |
| 3552 | How i Unlocked the blocked accounts? |
Password reset
HTTP parameter pollution
IDOR |
NA |
Maria Zulfiqar |
Bug Bounty | 2020-04-11 | 2023-06-13 |
| 3286 | HTTP Parameter Pollution - It’s Contaminated |
HTTP parameter pollution |
NA |
Shrey Shah (@ShreySh43332033) |
Bug Bounty | 2020-07-24 | 2023-06-13 |
| 2977 | Hacking — Tamper with the URL Parameters, especially if they modify the page |
HTTP parameter pollution |
NA |
Jack |
Bug Bounty | 2020-12-09 | 2023-06-13 |
| 2580 | XSS Through Parameter Pollution |
XSS
HTTP parameter pollution |
NA |
Saajan Bhujel (@saajanbhujel) |
Bug Bounty | 2021-05-05 | 2023-06-13 |
| 2578 | XSS Through Parameter Pollution |
Open redirect
XSS
HTTP parameter pollution |
NA |
Saajan Bhujel (@saajanbhujel11) |
Bug Bounty | 2021-05-05 | 2023-06-13 |
| 2326 | Bypass Google Captcha+Parameter Pollution Leads to send email to any user on behalf of “Organization” with any desired content |
HTTP parameter pollution
Captcha bypass |
NA |
viral bhatt (@viralbhatt100) |
Bug Bounty | 2021-08-14 | 2023-06-13 |
| 1722 | Parameter Pollution - Zero Day |
HTTP parameter pollution |
Discourse |
Jerry Shah (@Jerry) |
Bug Bounty | 2022-03-17 | 2023-06-13 |
| 1307 | HTTP Parameter Pollution - It’s Contaminated Again |
HTTP parameter pollution
Rate limiting bypass |
NA |
Jerry Shah (@Jerry) |
Bug Bounty | 2022-07-26 | 2023-06-13 |
| 415 | Exploiting Parameter Pollution in Golang Web Apps |
Authorization flaw
HTTP parameter pollution |
Concourse
VMware |
Rick Ramgattie (@RRamgattie) |
Bug Bounty | 2023-02-22 | 2023-06-13 |
| 299 | Backend Parameter Injection --> RCE |
RCE
HTTP parameter pollution
OS command injection |
NA |
Austin (@systemdumb) |
Bug Bounty | 2023-03-14 | 2023-06-13 |
