| 5236 | Paypal stored XSS + Security bypass |
Stored XSS |
Paypal |
Patrik Fehrenbach (@ITSecurityguard) |
Bug Bounty | 2014-11-11 | 2023-06-13 |
| 5235 | Reflected Cross Site Scripting BillMeLater |
Reflected XSS |
BillMeLater |
Patrik Fehrenbach (@ITSecurityguard) |
Bug Bounty | 2014-11-17 | 2023-06-13 |
| 5234 | Google Bug Bounty: Nice Catch on Google Cloud Platform Live |
Reflected XSS |
Google |
Julien Ahrens (@MrTuxracer) |
Bug Bounty | 2014-11-20 | 2023-06-13 |
| 5232 | AliExpress XSS vulnerability - take over any seller account |
XSS |
Alibaba |
Barak Tawily (@quitten11) |
Bug Bounty | 2014-12-10 | 2023-06-13 |
| 5230 | Reflected Cross Site Scripting at Paypal.com |
Reflected XSS |
Paypal |
Patrik Fehrenbach (@ITSecurityguard) |
Bug Bounty | 2014-12-15 | 2023-06-13 |
| 5228 | Papyal XML Upload Cross Site Scripting Vulnerability |
XSS |
Paypal |
Patrik Fehrenbach (@ITSecurityguard) |
Bug Bounty | 2015-01-07 | 2023-06-13 |
| 5225 | admin.google.com Reflected Cross-Site Scripting (XSS) |
Reflected XSS |
Google |
Brett Buerhaus (@bbuerhaus) |
Bug Bounty | 2015-01-21 | 2023-06-13 |
| 5213 | One Payload to XSS Them All! |
Flash XSS |
Adobe |
Abdullah Hussam (@Abdulahhusam) |
Bug Bounty | 2015-08-03 | 2023-06-13 |
| 5210 | XSS to RCE in ... |
XSS
RCE |
NA |
Neil Hakuna Matatall (@ndm) |
Bug Bounty | 2015-09-08 | 2023-06-13 |
| 5209 | XSS vulnerability in Google image search |
XSS |
Google |
Mahmoud Gamal (@Zombiehelp54) |
Bug Bounty | 2015-09-18 | 2023-06-13 |
| 5207 | XSS to RCE in Atlassian Hipchat |
XSS
RCE |
Atlassian |
Matt Austin (@mattaustin) |
Bug Bounty | 2015-11-15 | 2023-06-13 |
| 5206 | Cloudflare WAF XSS |
XSS |
Cloudflare |
Abdullah Hussam (@Abdulahhusam) |
Bug Bounty | 2015-11-16 | 2023-06-13 |
| 5204 | Arbitary File Upload Vulnerability in Google Nest (Write Up) |
Unrestricted file upload
Stored XSS |
Google |
Evan Ricafort (@evanricafort) |
Bug Bounty | 2015-12-21 | 2023-06-13 |
| 5203 | Local File XSS Vulnerability in Wordpress.com (Write Up) |
XSS |
WordPress |
Evan Ricafort (@evanricafort) |
Bug Bounty | 2015-12-21 | 2023-06-13 |
| 5198 | An XSS on Facebook via PNGs & Wonky Content Types |
XSS |
Meta / Facebook |
Jack Whitton (@fin1te) |
Bug Bounty | 2016-01-27 | 2023-06-13 |
| 5197 | XSS without HTML: Client-Side Template Injection with AngularJS |
CSTI
XSS |
Google |
Gareth Heyes (@garethheyes) |
Bug Bounty | 2016-01-27 | 2023-06-13 |
| 5194 | How I Hacked [Oculus] OAuth +Ebay +IBM |
Unrestricted file upload
XSS |
Meta / Facebook
Ebay
IBM
AnswerHub |
Abdullah Hussam (@Abdulahhusam) |
Bug Bounty | 2016-02-12 | 2023-06-13 |
| 5189 | Uber Bug Bounty: Turning Self-XSS into Good-XSS |
XSS |
Uber |
Jack Whitton (@fin1te) |
Bug Bounty | 2016-03-22 | 2023-06-13 |
| 5178 | Poisoning the Well – Compromising GoDaddy Customer Support With Blind XSS |
Blind XSS |
GoDaddy |
Matthew Bryant (@IAmMandatory) |
Bug Bounty | 2016-05-08 | 2023-06-13 |
| 5173 | Sleeping stored Google XSS Awakens a $5000 Bounty |
Stored XSS |
Google |
Patrik Fehrenbach (@ITSecurityguard) |
Bug Bounty | 2016-05-17 | 2023-06-13 |
| 5169 | RunKeeper Stored XSS Vulnerability – Where worms are able to run too! |
Stored XSS
CSRF |
RunKeeper |
Mohamed A. Baset |
Bug Bounty | 2016-06-06 | 2023-06-13 |
| 5166 | Two vulnerabilities makes an Exploit!! (XSS and CSRF in Bing) |
XSS
CSRF |
Microsoft |
Sai Krishna Kothapalli (@kmskrishna) |
Bug Bounty | 2016-06-10 | 2023-06-13 |
| 5164 | Medium Full Account Takeover By One Click |
XSS |
Medium |
Abdullah Hussam (@Abdulahhusam) |
Bug Bounty | 2016-06-23 | 2023-06-13 |
| 5158 | Blind XSS in Spotify%27s Salesforce Integration |
Blind XSS
Salesforce |
Spotify |
Mohammed Diaa (@mhmdiaa) |
Bug Bounty | 2016-07-19 | 2023-06-13 |
| 5151 | XSS on Flickr |
XSS |
Flickr |
Shubham Gupta (@hackerspider1) |
Bug Bounty | 2016-07-31 | 2023-06-13 |
