My Findings and Write-ups

I have shown my findings, including how I discovered them and what the impacts are. Some of the content is taken from other blogs, so you may find the same content here.

CVE-2021-41349 in Redbull subdomain

Cross-site scripting (also known as XSS) is a ....

CRLF injection $300 bounty

In a CRLF injection attack, the attacker inserts the carriage return and linefeed characters into user input to trick the server....

Docker file expose

MySQL credentials leaking via Docker Compose file. A Docker configuration file was found in this directory...

Keycloak XSS

Keycloak is an open source identity and access management solution. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The Account console allows stored....

CVE-2021-38314 in groww.in

The Gutenberg Template Library & Redux Framework plugin <= 4.2.11....

Apache Struts RCE

Here is a small tale of how I got a $2500 bounty....
