Daily Bug Bounty Writeups by @Piyush Kumawat
This repository contains Bug Bounty writeups
-
💯July 17, 2026 - Lab Walkthrough: Exploiting Username Enumeration via Different Responses
-
💯July 17, 2026 - Finding Reflected XSS Parameters Fast: A Deep Dive into RefleX
-
💯July 17, 2026 - Room 8 Is Live: Why Server-Side Request Forgery Still Challenges Modern Security Teams
-
💯July 17, 2026 - When -1 Crossed a Library Boundary: How libvips Hardened Its TIFF Loader
-
💯July 17, 2026 - A 65,529-Sample Lie: How a Tiny TIFF Fooled GDAL Into Asking for 16 GB
-
💯July 16, 2026 - Password Reset Vulnerabilities List
-
💯July 16, 2026 - Stored XSS via SVG File Upload Leading to Account Takeover in an LMS Platform
-
💯July 16, 2026 - It Was Just a Number!!?
-
💯July 16, 2026 - Workflow Bypass Leading to Unauthorized Access to Sensitive Records (IDOR / Broken Object-Level…
-
💯July 16, 2026 - A Newsletter Confirmation Link That Doubled as a Permanent, Non-Expiring Login Token