Menu

Skip to content
  • BLOG
  • RESUME
  • TWITTER
HomePosts tagged 'hackerone'

hackerone

Airbnb – Web to App Phone Notification IDOR to view Everyone’s Airbnb Messages

March 31, 2017February 25, 2024

Airbnb – Ruby on Rails String Interpolation led to Remote Code Execution

March 13, 2017February 25, 2024

Airbnb – Chaining Third-Party Open Redirect into Server-Side Request Forgery (SSRF) via LivePerson Chat

March 9, 2017February 25, 2024

Airbnb – When Bypassing JSON Encoding, XSS Filter, WAF, CSP, and Auditor turns into Eight Vulnerabilities

March 8, 2017February 25, 2024

Flickr API Explorer – Force users to execute any API request.

February 3, 2015February 25, 2024

Yahoo – Root Access SQL Injection – tw.yahoo.com

January 15, 2015February 25, 2024