| 4813 | Reflected XSS on www.zomato.com By Mustafa Hasan |
Reflected XSS |
Zomato |
Mohamed Haron (@m7mdharon) |
Bug Bounty | 2018-04-07 | 2023-06-13 |
| 4812 | Stealing HttpOnly Cookie via XSS |
XSS |
NA |
Yasser Gersy (@yassergersy) |
Bug Bounty | 2018-04-08 | 2023-06-13 |
| 4808 | Please email me your password |
Blind XSS
Blind SQL injection
SMTP injection
Account takeover |
NA |
Jasmin Laundry (@JR0ch17) |
Bug Bounty | 2018-04-11 | 2023-06-13 |
| 4805 | How I hacked companies related to the crypto currency and earned $60,000 |
Authorization flaw
CSRF
IDOR
Stored XSS
HTML injection |
okex.com
livecoin.net |
Max (@0xw2w) |
Bug Bounty | 2018-04-14 | 2023-06-13 |
| 4804 | Bypass CSP by Abusing XSS Filter in Edge |
CSP bypass |
Microsoft |
Xiaoyin Liu (@general_nfs) |
Bug Bounty | 2018-04-15 | 2023-06-13 |
| 4798 | How I got stored XSS using file upload |
Stored XSS |
NA |
gujjuboy10x00 (@vis_hacker) |
Bug Bounty | 2018-04-17 | 2023-06-13 |
| 4790 | Story Of a Stored XSS Bypass |
Stored XSS |
NA |
Prial Islam Khan (@prial261) |
Bug Bounty | 2018-04-21 | 2023-06-13 |
| 4789 | Turning Self-XSS into non-Self Stored-XSS via Authorization Issue at “PayPal Tech-Support and Brand Central Portal |
Stored XSS |
Paypal |
YoKo Kho (@YokoAcc) |
Bug Bounty | 2018-04-21 | 2023-06-13 |
| 4787 | DOM XSS in Google VRView library |
DOM XSS |
Google |
Federico Fazzi (@federicofazzi) |
Bug Bounty | 2018-04-23 | 2023-06-13 |
| 4785 | XSS “403 forbidden” bypass write up |
XSS |
NA |
Nur A Alam Dipu (@Dipu1A) |
Bug Bounty | 2018-04-25 | 2023-06-13 |
| 4783 | How I earned 60K+ from private program |
Open redirect
Subdomain takeover
XSS
HTTP parameter pollution |
NA |
Siva Krishna Samireddi (@le4rner) |
Bug Bounty | 2018-04-25 | 2023-06-13 |
| 4781 | Reflected XSS on Stack Overflow |
Reflected XSS |
Stack Overflow |
ssid (@newp_th) |
Bug Bounty | 2018-04-27 | 2023-06-13 |
| 4777 | Story Of a Stored XSS Bypass |
Open redirect |
Zerocopter |
Prial Islam Khan (@prial261) |
Bug Bounty | 2018-04-30 | 2023-06-13 |
| 4770 | Internet Safety for Kids & Families — Trend Micro Bypass DOM XSS |
DOM XSS |
Trend Micro |
Honc (@honcbb) |
Bug Bounty | 2018-05-08 | 2023-06-13 |
| 4765 | Xss in Microsoft |
XSS |
Microsoft |
hacker_eth |
Bug Bounty | 2018-05-18 | 2023-06-13 |
| 4764 | Stored XSS in Yahoo and all subdomains! |
Stored XSS |
Microsoft |
Hakim Bencella (@H4kst3r) |
Bug Bounty | 2018-05-19 | 2023-06-13 |
| 4761 | Fastest Fix on Open Bug Bounty Platform |
XSS
CSRF |
Kevag Telekom GmbH |
Wen Bin KONG (@kongwenbin) |
Bug Bounty | 2018-05-19 | 2023-06-13 |
| 4759 | Self-XSS + CSRF to Stored XSS |
Self-XSS
CSRF
Stored XSS |
NA |
Renwa (@RenwaX23) |
Bug Bounty | 2018-05-20 | 2023-06-13 |
| 4753 | Persistent XSS to Steal Passwords – Paypal |
Stored XSS |
Paypal |
Akhil Reni (@akhilreni_hs) |
Bug Bounty | 2018-05-26 | 2023-06-13 |
| 4749 | How I found 5 store XSS on a private program. Each worth "1,016.66$" |
Stored XSS |
NA |
Shahzad Sadiq (@ShahzadSadiq25) |
Bug Bounty | 2018-05-30 | 2023-06-13 |
| 4748 | Account Takeover and Blind XSS! Go Pro, get Bugs! |
IDOR
Stored XSS
Account takeover
Blind XSS |
NA |
Tabahi (@_tabahi) |
Bug Bounty | 2018-05-30 | 2023-06-13 |
| 4746 | Reflected XSS in Yahoo Subdomain ( hk.movies.yahoo.com ) |
Reflected XSS |
Yahoo! / Verizon Media |
Mohamed Haron (@m7mdharon) |
Bug Bounty | 2018-05-30 | 2023-06-13 |
| 4744 | How I Earned $750 Bounty Reward From AT&T bug Bounty -Adesh Kolte |
RCE
Clickjacking
XSS
Same Origin Method Execution |
AT&T |
Adesh Nandkishor kolte (@AdeshKolte) |
Bug Bounty | 2018-06-01 | 2023-06-13 |
| 4743 | How i converted SSRF to XSS in Jira. |
SSRF
XSS |
NA |
Ashish Kunwar (@D0rkerDevil) |
Bug Bounty | 2018-06-01 | 2023-06-13 |
| 4738 | Searching for XSS found LDAP injection |
LDAP injection |
NA |
Davide Tampellini (@tampe125) |
Bug Bounty | 2018-06-05 | 2023-06-13 |
