joel ilaganAccount takeover via clicking email message (CSRF)Hello and I’m Joel Ilagan, 19 years old and a bug bounty hunter or security vulnerability researcher.Sep 6, 2022Sep 6, 2022
joel ilaganOTP Bypass on Facebook (No Rate Limit Vulnerability)in this simple article, I will share a vulnerability in facebook, where the OTP can be bypassed through a bruteforce attack, for the reason…Aug 10, 2022Aug 10, 2022
joel ilaganBroken Access Control in Subdomain of the Personal Collectionin this article, I will manually describe a critical vulnerability called broken access control in the Subdomain of the personal…Aug 7, 2022Aug 7, 2022
joel ilaganText Injection (Content Spoofing) in SM supermalls websitein this article, I will share a vulnerability that allows you to manipulate the content of a website through Text injection or content…Aug 7, 2022Aug 7, 2022
joel ilaganReflected XSS in First Consolidated Bank Philippinesin this simple article, I will describe another reflected XSS bug using malicious scripts or xss payload that I found in First Consolidated…Aug 7, 2022Aug 7, 2022