Ahmed Hassan (Bishoo97x)Google unrestricted File Upload + XSS and HTML InjectionHi all. I hope you are all good. I am happy to publish another Write-up. This time I was able to identify multiple Vulnerabilities in a…2 min read·Aug 14, 2022--2--2
Ahmed Hassan (Bishoo97x)UN United Nations Host Header Injection leads to any Full Account Takeover (ATO)Hey all. I hope you are all safe and good. I am happy to publish another new Writeup about an Host Header Injection Vulnerability found in…3 min read·Aug 13, 2022--1--1
Ahmed Hassan (Bishoo97x)UN United Nations weak Reset Password Policy allows anyone to reset the Password to an empty…HI all,2 min read·Jul 15, 2022----
Ahmed Hassan (Bishoo97x)stored XSS and stored HTML Injection in United Nations WebsiteHello all i am very happy to publish another Writeup after a long time of missing.3 min read·Jul 8, 2022--1--1
Ahmed Hassan (Bishoo97x)Stored XSS and HTML Injection in United Nations Web ApplicationHello guys. I am happy to be back after having some stress and no enough time for Bug Bounty.3 min read·May 19, 2022----
Ahmed Hassan (Bishoo97x)IDOR (Insecure Direct Object Reference) leads to listing all valid Users and edit their ProfilesHello friends :) I am happy to write a blog again after finding an Insecure Direct Object Reference Vulnerability in Drexel University…2 min read·Apr 12, 2022----
Ahmed Hassan (Bishoo97x)XSS | HTML Injection and File Upload Bypass in HUAWEI SubdomainHi all :) I hope you are all good :)3 min read·Apr 10, 2022--2--2
Ahmed Hassan (Bishoo97x)Admin Username DisclosureMy youtube Channel: https://www.youtube.com/watch?v=IPmpQa1iUEA Please subscribe and support me :)4 min read·Oct 2, 2021--2--2
Ahmed Hassan (Bishoo97x)Stored and Reflected XSS and reportedMy youtube Channel: https://www.youtube.com/watch?v=IPmpQa1iUEA Please subscribe and support me :)4 min read·Sep 25, 2021----
Ahmed Hassan (Bishoo97x)[Bug Bounty Writeups] Exploiting Cross Site Scripting XSSThis Writeup shows how important it is to test every single input field on any Website even if it is just a form. So let us start :)3 min read·Sep 23, 2021--6--6
![[Bug Bounty Writeups] Exploiting Cross Site Scripting XSS](https://miro.medium.com/v2/resize:fill:160:106/1*BpkW8S2T2VLLmLQJ_nbhFQ.png)
![[Bug Bounty Writeups] Exploiting Cross Site Scripting XSS](https://miro.medium.com/v2/resize:fill:320:214/1*BpkW8S2T2VLLmLQJ_nbhFQ.png)
