Bug Bounty

Writeups about Security Issues found during Bug Bounty Programs

The Art of Bug Hunting: A Photographic Journey

Hello, fellow nerds, it’s been a while! Today, let’s delve into a some analogy – the striking similarities between bug bounty hunting and photography. This comparison isn’t just for kicks; it’s a serious look at how these two fields, though seemingly worlds apart, share fundamental principles. Focusing the Lens: Spotting Vulnerabilities Photography begins with spotting […]

The Art of Bug Hunting: A Photographic Journey Read More »

[BugBounty] Papyal XML Upload Cross Site Scripting Vulnerability

Greetings readers, today i want to share with you one of my latest findings on Paypal.com.When creating an invoice Paypal allows the users to upload attachements for the invoices one attachement that they allow is a XML file. What the developer may missed here is that you can actually insert HTML into XML files, the namespace

[BugBounty] Papyal XML Upload Cross Site Scripting Vulnerability Read More »

[BugBounty] Reflected Cross Site Scripting at Paypal.com

Dear followers, i found a reflected Cross Site Scripting issue on the new Paypal Directory service (https://www.paypal.com/directory/merchants), with the following Payload: &q=509%22%20src=%22http://www.example.com/exploit509.js%20%3C script %3E alert %281%29%3C/ script %3E The vulnerable Parameter was the q? Parameter, i was able to break the script contex of the page, i think it was because of the &q Parameteter,

[BugBounty] Reflected Cross Site Scripting at Paypal.com Read More »

[BugBounty] Reflected Cross Site Scripting BillMeLater

Dear followers, i recently found a reflected Cross Site Scripting issue on a Subdomain of BillMeLater (Paypal acquisition) it was possible to break the style attribute and add malicious Javascript Code into the Application. “–></style></ script >< script > alert (“XSS “)</ script > When ending the previous style and script element it was possible

[BugBounty] Reflected Cross Site Scripting BillMeLater Read More »

[BugBounty] Yahoo phpinfo.php disclosure

Dear readers, during my research of yahoo i found a phpinfo.php file information disclosure vulnerability, on one of their servers. The server on which i found that particular file was : http://nc10.n9323.mail.ne1.yahoo.com/phpinfo.php you might ask yourself how on earth i found this server. Let me explain what i did: Since the scope for the vulnerability program of

[BugBounty] Yahoo phpinfo.php disclosure Read More »

de_DEGerman