Write-ups
Check The Published Writeups
WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
---|---|---|---|---|---|---|---|
2814 | OAuth Misconfiguration Leads to Full Account takeover | OAuth, Clickjacking, CSRF, Account takeover | NA | Yasser Mohammed (@boomneroli) | Bug Bounty | 2021-02-13 | 2023-06-13 |
2778 | Is Math.random() Safe? from missing rate limit to bypass 2fa and possible sqli | Race condition, Lack of rate limiting, OTP bypass, SQL injection | NA | Yasser Mohammed (@boomneroli) | Bug Bounty | 2021-02-20 | 2023-06-13 |
2328 | How we was able to takeover whole organization via Privilege Escalation | Privilege escalation, Authorization flaw | NA | Yasser Mohammed (@boomneroli) | Bug Bounty | 2021-08-13 | 2023-06-13 |
2321 | Why u should use burp to test Path Traversal Vulnerability and also get RXSS | Path traversal, XSS, CSRF, Account takeover | NA | Yasser Mohammed (@boomneroli) | Bug Bounty | 2021-08-16 | 2023-06-13 |