| 5316 | Stored Cross-Site Scripting (XSS) via DNS Record Poisoning |
XSS
Stored XSS |
Rengine |
Touhid M Shaikh |
Bug Bounty | 2024-08-23 | 2024-08-27 |
| 5294 | $6000 with Microsoft Hall of Fame | Microsoft Firewall Bypass | CRLF to XSS | Microsoft Bug Bounty |
CRLF ( Firewall Bypass )
Privilege Escalation
XSS
CRLF to XSS |
MSRC Microsoft |
Neh Patel ( thecyberneh ) |
Bug Bounty | 2022-10-12 | 2024-01-31 |
| 5290 | Facebook XSS via Cross-Origin Resource Sharing |
XSS |
Meta / Facebook |
Matt Austin (@mattaustin) |
Bug Bounty | 2010-07-06 | 2023-06-13 |
| 5289 | Hacking Facebook with FBML and DOM |
XSS |
Meta / Facebook |
Matt Austin (@mattaustin) |
Bug Bounty | 2010-07-18 | 2023-06-13 |
| 5286 | Google.com cross site scripting and privilege escalation in Consumer Surveys |
Stored XSS
Authorization flaw |
Google |
Josip Franjkovic (@josipfranjkovic) |
Bug Bounty | 2013-01-03 | 2023-06-13 |
| 5285 | Persistent XSS on myworld.ebay.com |
XSS |
Ebay |
Jack Whitton (@fin1te) |
Bug Bounty | 2013-01-27 | 2023-06-13 |
| 5283 | DOM Based XSS In AVG |
DOM XSS |
AVG |
Rafay Baloch (@rafaybaloch) |
Bug Bounty | 2013-02-26 | 2023-06-13 |
| 5280 | PayPal Bug Bounty: PayPaltech.com XSS |
XSS |
Paypal |
Julien Ahrens (@MrTuxracer) |
Bug Bounty | 2013-04-13 | 2023-06-13 |
| 5277 | Amazon packaging feedback cross-site scripting vulnerability |
XSS |
Amazon |
Bitquark (@bitquark) |
Bug Bounty | 2013-07-03 | 2023-06-13 |
| 5276 | Admob creative image cross-site scripting vulnerability |
XSS |
Google |
Bitquark (@bitquark) |
Bug Bounty | 2013-07-19 | 2023-06-13 |
| 5275 | How I found my way into Instagram%27s Ganglia, and a bug with Facebook likes. |
Reflected XSS
IDOR |
Meta / Facebook |
Josip Franjkovic (@josipfranjkovic) |
Bug Bounty | 2013-07-23 | 2023-06-13 |
| 5268 | Content Types and XSS: Facebook Studio |
XSS |
Meta / Facebook |
Jack Whitton (@fin1te) |
Bug Bounty | 2013-10-21 | 2023-06-13 |
| 5265 | Nokia email app pwnage |
XSS |
Nokia |
Shashank (@cyberboyIndia) |
Bug Bounty | 2013-10-22 | 2023-06-13 |
| 5263 | Oracle xss |
XSS |
Oracle |
Shashank (@cyberboyIndia) |
Bug Bounty | 2013-11-17 | 2023-06-13 |
| 5260 | Abusing CORS for an XSS on Flickr |
XSS |
Flickr |
Jack Whitton (@fin1te) |
Bug Bounty | 2013-12-12 | 2023-06-13 |
| 5259 | Flickr XSS (Stored / DOM XSS) |
XSS |
Flickr |
Matt Austin (@mattaustin) |
Bug Bounty | 2013-12-18 | 2023-06-13 |
| 5258 | Imgur xss |
XSS |
Imgur |
Shashank (@cyberboyIndia) |
Bug Bounty | 2013-12-19 | 2023-06-13 |
| 5257 | Waze arbitrary file upload |
Unrestricted file upload
XSS |
Google (Waze) |
Shashank (@cyberboyIndia) |
Bug Bounty | 2013-12-25 | 2023-06-13 |
| 5256 | Google Sites: A Tale of Five Vulnerabilities |
XSS
LFI
HTML injection |
Google |
Bitquark (@bitquark) |
Bug Bounty | 2013-12-30 | 2023-06-13 |
| 5249 | A Tale of 7 Vulnerabilities |
Stored XSS
Reflected XSS
Default credentials
Privilege escalation |
Paypal |
Patrik Fehrenbach (@ITSecurityguard) |
Bug Bounty | 2014-04-20 | 2023-06-13 |
| 5248 | Magix Bug Bounty: magix.com (RCE, SQLi) and xara.com (LFI, XSS) |
RCE
SQL injection
LFI
XSS |
Magix |
Julien Ahrens (@MrTuxracer) |
Bug Bounty | 2014-04-26 | 2023-06-13 |
| 5245 | ebay bug bounty |
Reflected XSS |
Ebay |
Matthew Bryant (@IAmMandatory) |
Bug Bounty | 2014-06-06 | 2023-06-13 |
| 5244 | Facebook – Stored Cross-Site Scripting (XSS) – Badges |
Stored XSS |
Meta / Facebook |
Brett Buerhaus (@bbuerhaus) |
Bug Bounty | 2014-06-16 | 2023-06-13 |
| 5238 | The 5000$ Google XSS |
XSS |
Google |
Patrik Fehrenbach (@ITSecurityguard) |
Bug Bounty | 2014-10-31 | 2023-06-13 |
| 5237 | Paypal DOM XSS main domain |
DOM XSS |
Paypal |
Patrik Fehrenbach (@ITSecurityguard) |
Bug Bounty | 2014-11-05 | 2023-06-13 |
