…there are now many different ways in which you can support someone today.
Unfortunately, there are still work or activities that are not supported by the state or by anyone else. This includes, for example, honorary work in animal shelters. I am active for years in the animal protection and have so far all my animals only from animal shelters (except one stray tomcat ).
And of course you also support my work in the area of IT security and bug hunting…
Continue reading "Support me and my work ..."
Posted by on Sunday, June 7. 2020
I did a little bit of researching and bug hunting again and the status for this month is:
- united-domains – Low (paid out)
- united-domains – High (paid out)
- united-domains – High (not paid out yet)
- united-domains – one pending
- Yandex – Hall of fame only ;-)
I think this was a very good restart ;-) Let’s see what will happen in the next weeks. Even if summer is just around the corner…
It has been a long time since the last post and I see that many things are no longer up to date. I will update the page bit by bit and see how things are going on here :-)
The bug hunt begins again…
reg.ebay.com – Cross-site Scripting vulnerability
Successfully tested on reg.ebay.com
The website reg.ebay.com is prone to a cross-site Scripting vulnerability
Continue reading "SSCHADV2014-004 - reg.ebay.com - Cross-site Scripting vulnerability"
ocsnext.ebay.com – Open Redirect
Successfully tested on ocsnext.ebay.com
The website "ocsnext.ebay.com" is prone to open redirect with a special provided url
Continue reading "SSCHADV2014-005 - ocsnext.ebay.com - Open Redirect"
In Jan ’14 I reported three Cross-site Scripting vulnerabilities to the Yahoo Bug Bounty Program. And I know, it is really really hard, but … again … no feedback or bounty :)
‘ XSS on ‘celebrity.yahoo.com
‘ XSS on ‘movies.yahoo.com
XSS on ‘music.yahoo.com’
Continue reading "Yahoo Bug Bounty Program Vulnerability #4 #5 #6 Cross-site Scripting vulnerabilities"