🌑

about

PROJECT & EXPERIENCE.


BUG RECORDS.

I have all the Write Ups for the vulnerabilities I found. If you don’t believe these things, please contact me by e-mail. Then I’ll show you!

  • 2021
    • Reflected XSS in admidio - CVE-CENSORED
    • Prototype Pollution in @fabiocaccamo/utils.js - CVE-CENSORED
    • Flaws in methods in @fabiocaccamo/utils.js
    • Remote Code Execution in NASA (Fixed)
    • Bugcrowd Reflected XSS in RAKUTEN VDP x 4
    • HackerOne Dom Based XSS in MEREDITH
    • HackerOne Reflected XSS in MEREDITH
    • HackerOne Inadequate Encryption Strength in MAIL.RU
    • Reflected XSS via CSP Bypass in NAVER (Bounty: $***) - NBB-2153
    • GraphQL Injection in NAVER - NBB-2083
    • Dom Based XSS in NAVER * 2 - NBB-2081, NBB-2082
    • CENSORED in SSG * 3 (HTC 2021/Bounty: $***) - KVE-2021-1456, KVE-2021-1462, KVE-2021-1464
    • CENSORED in KAKAO (Bounty: $****) - KVE-2021-1824
    • CENSORED in DAUM (Bounty: $***) - KVE-2021-1642
    • CENSORED in KAKAO (Bounty: $***) - KVE-2021-1276
    • CENSORED in KAKAO (Bounty: $***) - KVE-2021-1275
    • CENSORED in GNUBOARD 5 - KVE-2021-1239
    • Directory Listing and LFI in KAKAO (Bounty: $****) - KVE-2021-1229
    • Reflected XSS in KAKAO - KVE-2021-1027, KVE-2021-1044, KVE-2021-1027, KVE-2021-1167, KVE-2021-1168
    • HackingZone Dom Based XSS and 7 others in JEJUPASSRENT
    • HackingZone Stored XSS and 6 othres in READIT (Bounty: $120)
    • HackingZone Reflected XSS in VOACAENDING
    • @Bugs-Guy

CTF RECORDS.