Write-ups
Check The Published Writeups
| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 2999 | Chaining Multiple Requests to Achieve Rate Limiting Vulnerabilities | Rate limiting bypass | NA | Ahmad Halabi (@Ahmad_Halabi_) | Bug Bounty | 2020-11-29 | 2023-06-13 |
| 2749 | Secret Key Exposure in API Config Directory | Information disclosure | NA | Ahmad Halabi (@Ahmad_Halabi_) | Bug Bounty | 2021-03-01 | 2023-06-13 |
| 2735 | Finding Hidden Login Endpoint Exposing Secret `Client ID` | Information disclosure | NA | Ahmad Halabi (@Ahmad_Halabi_) | Bug Bounty | 2021-03-07 | 2023-06-13 |
| 2611 | RCE via Internal Access to Adminer Database Management (Critical) | RCE | NA | Ahmad Halabi (@Ahmad_Halabi_) | Bug Bounty | 2021-04-24 | 2023-06-13 |
| 2324 | Simple HTML Injection to $250 | Account takeover Mass assignment | NA | Ahmad Halabi (@Ahmad_Halabi_) | Bug Bounty | 2021-08-14 | 2023-06-13 |
| 1391 | PII Disclosure of Apple Users ($10k) | IDOR Lack of rate limiting Bruteforce Information disclosure | Apple | Ahmad Halabi (@Ahmad_Halabi_) | Bug Bounty | 2022-07-07 | 2023-06-13 |