nerrorsec

@UC8Nj98GJ02R06rqiouNfEQg - 619 subscribers

Infosec addict

Home Videos Live Playlists

Bug Bounty - Free Delivery - Gyapu.com

Bug Bounty - Free Delivery - Gyapu.com nerrorsec

127 views - 6 months ago

Bug Bounty - Improper Access Control in Address Book - Gyapu.com

Bug Bounty - Improper Access Control in Address Book - Gyapu.com nerrorsec

230 views - 1 year ago

Bug Bounty - Reflected XSS - Gyapu.com

Bug Bounty - Reflected XSS - Gyapu.com nerrorsec

137 views - 1 year ago

Bug Bounty - Unlimited Review Stars - Hamrobazaar

Bug Bounty - Unlimited Review Stars - Hamrobazaar nerrorsec

66 views - 1 year ago

Bugv Live Hacking 1225 - Race Condition

Bugv Live Hacking 1225 - Race Condition nerrorsec

167 views - 1 year ago

Campus 4.0 - HTML Injection / Stored Cross Site Scripting via File Upload

Campus 4.0 - HTML Injection / Stored Cross Site Scripting via File Upload nerrorsec

95 views - 1 year ago

Responsible Disclosure - Server-Side Request Forgery - Surf.nl

Responsible Disclosure - Server-Side Request Forgery - Surf.nl nerrorsec

104 views - 1 year ago

Path Traversal via get-browser-snapshot - Devika AI

Path Traversal via get-browser-snapshot - Devika AI nerrorsec

117 views - 1 year ago

Potential RCE (feature in-dev) via CSRF - Devika AI

Potential RCE (feature in-dev) via CSRF - Devika AI nerrorsec

111 views - 1 year ago

ENV leak via CSRF - guildai

ENV leak via CSRF - guildai nerrorsec

74 views - 1 year ago

Bug Bounty - Reflected XSS - Takeaway

Bug Bounty - Reflected XSS - Takeaway nerrorsec

133 views - 1 year ago

Folioclient - Reflected XSS

Folioclient - Reflected XSS nerrorsec

39 views - 1 year ago

Trip Reflected XSS POC

Trip Reflected XSS POC nerrorsec

32 views - 1 year ago

Bypass AI Detection | ai-humanize.com

Bypass AI Detection | ai-humanize.com nerrorsec

66 views - 1 year ago

OTP hardcoded in response - KataHo App

OTP hardcoded in response - KataHo App nerrorsec

153 views - 2 years ago

HTML Injection in Email message - DNSfilter

HTML Injection in Email message - DNSfilter nerrorsec

77 views - 2 years ago

RCE via CSRF in Aim experiment tracker - CVE-2024-2196

RCE via CSRF in Aim experiment tracker - CVE-2024-2196 nerrorsec

143 views - 2 years ago

Bug Bounty - Open Redirect Bypass - Coincheck

Bug Bounty - Open Redirect Bypass - Coincheck nerrorsec

114 views - 2 years ago

XSS in Nokia and Coca-Cola | CVE-2023-29489

XSS in Nokia and Coca-Cola | CVE-2023-29489 nerrorsec

884 views - 2 years ago

Stored XSS via PUT method - Aliyuncs

Stored XSS via PUT method - Aliyuncs nerrorsec

311 views - 3 years ago

Open Source - Log Spoofing | GetOutline

Open Source - Log Spoofing | GetOutline nerrorsec

880 views - 3 years ago

Koel - Use of GET Request with Sensitive Query Strings

Koel - Use of GET Request with Sensitive Query Strings nerrorsec

127 views - 3 years ago

Viewer role can tamper everyone's comment in planka

Viewer role can tamper everyone's comment in planka nerrorsec

261 views - 3 years ago

Open Source - XSS - Uptime Kuma

Open Source - XSS - Uptime Kuma nerrorsec

214 views - 3 years ago

Open Source - Improper Parsing - uri-js

Open Source - Improper Parsing - uri-js nerrorsec

264 views - 3 years ago

Open Source - Archived documents accessible to Viewer - outline

Open Source - Archived documents accessible to Viewer - outline nerrorsec

151 views - 3 years ago

Open Source - Missing Length Validation DOS - outline

Open Source - Missing Length Validation DOS - outline nerrorsec

163 views - 3 years ago

Outline - Stored XSS

Outline - Stored XSS nerrorsec

82 views - 3 years ago

coreBOS - XSS on Hidden Input tag

coreBOS - XSS on Hidden Input tag nerrorsec

557 views - 3 years ago

coreBOS - Reflected XSS

coreBOS - Reflected XSS nerrorsec

68 views - 3 years ago

Outline - SSRF nerrorsec

114 views - 3 years ago

Nakama Console - User Account Deletion via Clickjacking

Nakama Console - User Account Deletion via Clickjacking nerrorsec

242 views - 3 years ago

Web Socket Hijacking - GhostText VScode Extension

Web Socket Hijacking - GhostText VScode Extension nerrorsec

251 views - 3 years ago

Reflected Cross Site Scripting (XSS) - HTC

Reflected Cross Site Scripting (XSS) - HTC nerrorsec

107 views - 3 years ago

Open Source - Insufficient Session Expiration - snipe-it

Open Source - Insufficient Session Expiration - snipe-it nerrorsec

177 views - 3 years ago

Nexway - HTML Injection in Email

Nexway - HTML Injection in Email nerrorsec

182 views - 3 years ago

Open Source - Reflected Cross Site Scripting - ARAX

Open Source - Reflected Cross Site Scripting - ARAX nerrorsec

68 views - 3 years ago

Open Source - Stored XSS - reNgine v1.1

Open Source - Stored XSS - reNgine v1.1 nerrorsec

645 views - 4 years ago

Open Source - HTML Injection - reNgine v1.1

Open Source - HTML Injection - reNgine v1.1 nerrorsec

329 views - 4 years ago

Meta (Facebook) - Read Only Feature Limits Could be Bypassed through XAC | $$$

Meta (Facebook) - Read Only Feature Limits Could be Bypassed through XAC | $$$ nerrorsec

127 views - 4 years ago

Open Source - Stored Cross Site Scripting | Xoops 2.5.10

Open Source - Stored Cross Site Scripting | Xoops 2.5.10 nerrorsec

100 views - 4 years ago

Campus 4.0 - Authorization Bypass

Campus 4.0 - Authorization Bypass nerrorsec

59 views - 4 years ago

Open Source - Stored XSS - rengine 1.0.1

Open Source - Stored XSS - rengine 1.0.1 nerrorsec

91 views - 4 years ago

Open Source - Stored XSS - rengine project

Open Source - Stored XSS - rengine project nerrorsec

77 views - 4 years ago

Bugv Live Hacking 1225 - Account Lockout Bypass

Bugv Live Hacking 1225 - Account Lockout Bypass nerrorsec

30 views - 4 years ago

Bug Bounty - Cookie based XSS | TikTok.com

Bug Bounty - Cookie based XSS | TikTok.com nerrorsec

12.1K views - 4 years ago

Bug Bounty - Broken Authorization - stackry.com

Bug Bounty - Broken Authorization - stackry.com nerrorsec

1.8K views - 4 years ago

Bug Bounty - Broken Authorization - stackry.com

Bug Bounty - Broken Authorization - stackry.com nerrorsec

510 views - 4 years ago

Bug Bounty - OAuth Token Leak | scheduler.indeed.com

Bug Bounty - OAuth Token Leak | scheduler.indeed.com nerrorsec

2.2K views - 4 years ago

Bug Bounty - Account Takeover - sphero.com

Bug Bounty - Account Takeover - sphero.com nerrorsec

174 views - 6 years ago

Bug Bounty - CRLF Injection - drop.com

Bug Bounty - CRLF Injection - drop.com nerrorsec

694 views - 6 years ago

Bug Bounty - sXSS exploitation via CSRF - ekoapp.com

Bug Bounty - sXSS exploitation via CSRF - ekoapp.com nerrorsec

87 views - 6 years ago

Bug Bounty - Stealing Oauth tokens - spreaker.com

Bug Bounty - Stealing Oauth tokens - spreaker.com nerrorsec

160 views - 6 years ago

Bug Bounty - Account Deletion via GET request - memset.com

Bug Bounty - Account Deletion via GET request - memset.com nerrorsec

67 views - 6 years ago

Bug Bounty - Misconfigured Captcha Implementation - ikuu.io

Bug Bounty - Misconfigured Captcha Implementation - ikuu.io nerrorsec

159 views - 6 years ago

Bug Bounty - Account Takeover - ribose.com

Bug Bounty - Account Takeover - ribose.com nerrorsec

101 views - 6 years ago

Bug Bounty - Email Verification Bypass - jumplead.com

Bug Bounty - Email Verification Bypass - jumplead.com nerrorsec

125 views - 6 years ago

Bug Bounty - IE only XSS - climbingtree.nl

Bug Bounty - IE only XSS - climbingtree.nl nerrorsec

77 views - 6 years ago

Bug Bounty - Open redirect - edmodo.com

Bug Bounty - Open redirect - edmodo.com nerrorsec

63 views - 6 years ago

CVE-2019-16684 - Stored Cross Site Scripting

CVE-2019-16684 - Stored Cross Site Scripting nerrorsec

93 views - 6 years ago