Where it all breaks.

001

Account Takeover

A clean path straight to full account takeover.

atocritical

↗ 002

Account Takeover via Chained IDORs

Two IDORs that looked minor alone, chained into a full takeover.

idorcritical

↗ 003

Privilege Escalation via Stored XSS

A stored payload pushed past an alert box into real privilege escalation.

xsshigh

↗ 004

From AWS S3 Bucket Misconfiguration to Sensitive Data Exposure

A misconfigured bucket that quietly exposed sensitive data.

cloudhigh

↗ 005

Escalating Self-XSS to Stored XSS via Image Injection + IDOR

Turning a self-only XSS into a stored, victim-facing one.

xsshigh

↗ 006

Wayback Machine to Account Takeover

Recon through archived pages, ending in a full account takeover.

atocritical

↗ 007

Stored XSS in Deskpro

Three published CVEs from a stored XSS in Deskpro.

cvehigh

↗ 008

SSTI to Local File Read

A template injection escalated into reading files off the host.

sstihigh

↗ 009

CSRF + Open Redirect Chained to Account Takeover

A CSRF and an open redirect chained into account takeover.

csrfhigh

↗ 010

IDOR: Unauthorized Access to Support Tickets

An IDOR exposing other users' support tickets.

idormedium

↗