Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
5209XSS vulnerability in Google image search XSS Google Mahmoud Gamal (@Zombiehelp54) Bug Bounty2015-09-182023-06-13
5102SQL injection in an UPDATE query - a bug bounty story! SQL injection NA Mahmoud Gamal (@Zombiehelp54) Bug Bounty2017-02-172023-06-13
5060Let’s steal some tokens! CSRF XSS Account takeover Google Shopify Mahmoud Gamal (@Zombiehelp54) Bug Bounty2017-06-112023-06-13
4675SQL Injection and A silly WAF SQL injection NA Mahmoud Gamal (@Zombiehelp54) Bug Bounty2018-07-252023-06-13
4220Handlebars template injection and RCE in a Shopify app SSTI RCE Shopify Mahmoud Gamal (@Zombiehelp54) Bug Bounty2019-04-042023-06-13
3989Exploiting Out Of Band XXE using internal network and php wrappers XXE NA Mahmoud Gamal (@Zombiehelp54) Bug Bounty2019-08-062023-06-13
2909Weblogic Remote Code Execution (Exploiting CVE-2019-2725) RCE NA Mahmoud Gamal (@Zombiehelp54) Bug Bounty2021-01-102023-06-13
454SQL Injection: Utilizing XML Functions in Oracle and PostgreSQL to bypass WAFs SQL injection WAF bypass NA Mahmoud Gamal (@Zombiehelp54) Bug Bounty2023-02-132023-06-13
166Exploits Explained: Permission misconfiguration within Salesforce JavaScript Remoting tokens used for Apex Controllers Salesforce Security misconfiguration Broken Access Control NA Mahmoud Gamal (@Zombiehelp54) Bug Bounty2023-04-212023-06-13