| 4993 | Reflected XSS in Yahoo! |
Reflected XSS |
Yahoo! / Verizon Media |
Shahzada AL Shahriar Khan (@TheShahzada) |
Bug Bounty | 2017-08-31 | 2023-06-13 |
| 4991 | My write up about UBER Cross-site scripting by help of KNOXSS |
Reflected XSS |
Uber |
Emad Shanab (@Alra3ees) |
Bug Bounty | 2017-09-02 | 2023-06-13 |
| 4990 | Don’t just alert(1) , Because XSS is for fun…!! |
XSS |
Optimizely |
Armaan Pathan (@armaancrockroax) |
Bug Bounty | 2017-09-02 | 2023-06-13 |
| 4988 | How I found Reflective XSS in Yahoo Subdomain |
Reflected XSS |
Yahoo! / Verizon Media |
Syntax Error (@SYNTAXERRORBA) |
Bug Bounty | 2017-09-03 | 2023-06-13 |
| 4987 | Reflective XSS and Open Redirect on Indeed.com subdomain |
Reflected XSS
Open redirect |
Indeed |
Syntax Error (@SYNTAXERRORBA) |
Bug Bounty | 2017-09-04 | 2023-06-13 |
| 4982 | Stored XSS] with arbitrary cookie installation |
XSS |
NA |
Arbaz Hussain (@ArbazKiraak) |
Bug Bounty | 2017-09-17 | 2023-06-13 |
| 4981 | Chaining Self XSS with UI Redressing is Leading to Session Hijacking (PWN users like a boss) |
Self-XSS
Clickjacking |
NA |
Armaan Pathan (@armaancrockroax) |
Bug Bounty | 2017-09-18 | 2023-06-13 |
| 4980 | Story of a Parameter Specific XSS! |
XSS |
NA |
Rahul Maini (@iamnoooob) |
Bug Bounty | 2017-09-19 | 2023-06-13 |
| 4979 | Exploiting a Single Request for Multiple Vulnerabilities |
Stored XSS
Reflected XSS
SSRF
OS command injection |
NA |
Osama Ansari (@AnsariOsama10) |
Bug Bounty | 2017-09-19 | 2023-06-13 |
| 4977 | Multiple vulnerabilities in Oracle EBS |
SQL injection
XXE
XSS |
NA |
Shubham Gupta (@hackerspider1) |
Bug Bounty | 2017-09-19 | 2023-06-13 |
| 4976 | All About Hackerone Private Program Terapeak |
IDOR
Reflected XSS |
Terapeak |
Shubham Gupta (@hackerspider1) |
Bug Bounty | 2017-09-20 | 2023-06-13 |
| 4973 | Stored XSS to Full Information disclosure |
Stored XSS |
Terapeak |
Shubham Gupta (@hackerspider1) |
Bug Bounty | 2017-09-21 | 2023-06-13 |
| 4972 | IDOR – Execute JavaScript into anyone account |
IDOR
Stored XSS |
Terapeak |
Shubham Gupta (@hackerspider1) |
Bug Bounty | 2017-09-21 | 2023-06-13 |
| 4971 | How i bypassed Practo’s firewall and triggered a XSS. |
XSS |
Practo |
Vipin Chaudhary (@vipinxsec) |
Bug Bounty | 2017-09-23 | 2023-06-13 |
| 4970 | 900$ XSS in yahoo ( Recon Wins ) |
XSS |
Yahoo! / Verizon Media |
Th3G3nt3lman (@Th3G3nt3lman) |
Bug Bounty | 2017-09-24 | 2023-06-13 |
| 4969 | Filter Bypass to Reflected XSS on https://finance.yahoo.com (mobile version) |
Reflected XSS |
Yahoo! / Verizon Media |
Samuel (@saamux) |
Bug Bounty | 2017-09-24 | 2023-06-13 |
| 4967 | Craft CMS – Why case matters |
Reflected XSS
Content injection |
Craft CMS |
Markus Krell (@MarkusKrell) |
Bug Bounty | 2017-10-01 | 2023-06-13 |
| 4958 | DOM XSS – auth.uber.com |
DOM XSS |
Uber |
StamOne_ |
Bug Bounty | 2017-10-14 | 2023-06-13 |
| 4949 | App Maker and Colaboratory: a stored Google XSS double-bill |
Stored XSS |
Google |
Yasin Soliman (@SecurityYasin) |
Bug Bounty | 2017-11-01 | 2023-06-13 |
| 4945 | Non-persistent XSS at Microsoft -Adesh Kolte |
Reflected XSS |
Microsoft |
Adesh Nandkishor kolte (@AdeshKolte) |
Bug Bounty | 2017-11-05 | 2023-06-13 |
| 4943 | Get your Microsoft account hijacked by simply clicking connect button -Adesh Kolte |
Stored XSS |
Microsoft |
Adesh Nandkishor kolte (@AdeshKolte) |
Bug Bounty | 2017-11-06 | 2023-06-13 |
| 4941 | Local File Read via XSS in Dynamically Generated PDF |
XSS
LFI |
NA |
Rahul Maini (@iamnoooob) |
Bug Bounty | 2017-11-08 | 2023-06-13 |
| 4938 | From Recon to DOM-Based XSS |
DOM XSS |
NA |
Abdelfattah Ibrahim |
Bug Bounty | 2017-11-11 | 2023-06-13 |
| 4937 | How I Pwned a company using IDOR & Blind XSS |
IDOR
Blind XSS |
NA |
Osama Ansari (@AnsariOsama10) |
Bug Bounty | 2017-11-15 | 2023-06-13 |
| 4929 | VMware Official VCDX Reflected XSS |
Reflected XSS |
VMware |
Honc (@honcbb) |
Bug Bounty | 2017-11-19 | 2023-06-13 |
