Ahmed Hassan (Bishoo97x)Google unrestricted File Upload + XSS and HTML InjectionHi all. I hope you are all good. I am happy to publish another Write-up. This time I was able to identify multiple Vulnerabilities in a…Aug 14, 20222Aug 14, 20222
Ahmed Hassan (Bishoo97x)UN United Nations Host Header Injection leads to any Full Account Takeover (ATO)Hey all. I hope you are all safe and good. I am happy to publish another new Writeup about an Host Header Injection Vulnerability found in…Aug 13, 20221Aug 13, 20221
Ahmed Hassan (Bishoo97x)UN United Nations weak Reset Password Policy allows anyone to reset the Password to an empty…HI all,Jul 15, 2022Jul 15, 2022
Ahmed Hassan (Bishoo97x)stored XSS and stored HTML Injection in United Nations WebsiteHello all i am very happy to publish another Writeup after a long time of missing.Jul 8, 20221Jul 8, 20221
Ahmed Hassan (Bishoo97x)Stored XSS and HTML Injection in United Nations Web ApplicationHello guys. I am happy to be back after having some stress and no enough time for Bug Bounty.May 19, 2022May 19, 2022
Ahmed Hassan (Bishoo97x)IDOR (Insecure Direct Object Reference) leads to listing all valid Users and edit their ProfilesHello friends :) I am happy to write a blog again after finding an Insecure Direct Object Reference Vulnerability in Drexel University…Apr 12, 2022Apr 12, 2022
Ahmed Hassan (Bishoo97x)XSS | HTML Injection and File Upload Bypass in HUAWEI SubdomainHi all :) I hope you are all good :)Apr 10, 20222Apr 10, 20222
Ahmed Hassan (Bishoo97x)Admin Username DisclosureMy youtube Channel: https://www.youtube.com/watch?v=IPmpQa1iUEA Please subscribe and support me :)Oct 2, 20212Oct 2, 20212
Ahmed Hassan (Bishoo97x)Stored and Reflected XSS and reportedMy youtube Channel: https://www.youtube.com/watch?v=IPmpQa1iUEA Please subscribe and support me :)Sep 25, 2021Sep 25, 2021
Ahmed Hassan (Bishoo97x)[Bug Bounty Writeups] Exploiting Cross Site Scripting XSSThis Writeup shows how important it is to test every single input field on any Website even if it is just a form. So let us start :)Sep 23, 20217Sep 23, 20217