IDOR in Google APIs
Reported to Google – Published On: 10 Jun 2020
Read Full Writeup
Reflected XSS in Microsoft Social Forums
Reported to Microsoft – Published On: 11 Apr 2020
Broken Authentication in Two Step Verification
Reported to Avira – Published On: 08 Nov 2019
Viewing Facebook Contacts On Locked Device
Reported to Facebook – Published On: 31 Oct 2019
Abusing Post Service (Create Unlimited Posts)
Reported to LinkedIn – Published On: 15 Oct 2019
IDOR & SQL Query Manipulation to Fetch User Details
Reported to Private – Published On: 23 Oct 2020
Open Redirect
Reported to Private – Published On: 14 Jul 2020
Crashing Chat Bot System
Reported to Maximum – Published On: 21 Aug 2020
Bypass CSRF Protection Lead to Account Takeover
Reported to Private – Published On: 30 May 2020
XSS on Change Folder Name
Reported to Private – Published On: 14 May 2020
CSRF – Close Account
Reported to U.S. Dept Of Defense – Published On: June 11, 2020
Flaw in Change Email https://youtu.be/MMvlcHIGs2A
Reported to Staging.Every.org – Published On: March 24, 2020
CSRF – Modify Company Info
CSRF – Modify Project Settings
Reported to U.S. Dept Of Defense – Published On: February 3, 2020
Internal IP Address Disclosed
Reported to U.S. Dept Of Defense – Published On: May 14, 2020