BugBounty.info
Search
Search
Dark mode
Light mode
Explorer
Tag: web
65 items with this tag.
Apr 24, 2026
XSS - Overview
web
xss
injection
Apr 24, 2026
SSRF
web
ssrf
intermediate
advanced
high
critical
polished
Apr 24, 2026
Web Applications
web
attack-surface
Apr 24, 2026
SQL Injection - Overview
web
sqli
injection
Apr 24, 2026
Subdomain Takeover to Cookie Theft
chains
web
client-side
Apr 24, 2026
XSS to Account Takeover
chains
web
xss
critical
Apr 24, 2026
XSS to Admin Action to Privilege Escalation
chains
web
xss
critical
Apr 24, 2026
XXE to SSRF to Cloud RCE
chains
web
xxe
critical
Apr 24, 2026
File Upload to RCE
chains
web
rce
critical
Apr 24, 2026
GraphQL BFLA to Mass Data Extraction
chains
web
api
critical
Apr 24, 2026
IDOR and Mass Assignment to Privilege Escalation
chains
web
authorization
critical
Apr 24, 2026
IDOR to PII Leak to Account Takeover
chains
web
authorization
critical
Apr 24, 2026
Info Disclosure to Full Exploitation
chains
web
Apr 24, 2026
OAuth Misconfiguration to Account Takeover
chains
web
authentication
critical
Apr 24, 2026
Open Redirect to OAuth Account Takeover
chains
web
authentication
critical
Apr 24, 2026
Prototype Pollution to Exploit
chains
web
client-side
critical
Apr 24, 2026
Race Condition to Financial Impact
chains
web
business-logic
Apr 24, 2026
SSRF to Cloud Metadata to RCE
chains
web
cloud
critical
Apr 24, 2026
SSTI to RCE
chains
web
rce
critical
Apr 24, 2026
Self-XSS to Exploitable Chain
chains
web
xss
high
Apr 24, 2026
Subdomain Takeover to OAuth Account Takeover
chains
web
authentication
critical
Apr 24, 2026
CSRF to Account Takeover
chains
web
authentication
critical
Apr 24, 2026
Framework XSS
web
xss
advanced
Apr 24, 2026
Reflected XSS
web
xss
intermediate
Apr 24, 2026
Stored XSS
web
xss
intermediate
advanced
Apr 24, 2026
WAF Bypass
web
xss
advanced
expert
Apr 24, 2026
Deserialization
web
injection
advanced
expert
Apr 24, 2026
Host Header
web
injection
intermediate
Apr 24, 2026
NoSQLi
web
injection
intermediate
advanced
Apr 24, 2026
Blind
web
sqli
intermediate
advanced
Apr 24, 2026
Error-Based
web
sqli
intermediate
Apr 24, 2026
Second-Order
web
sqli
advanced
Apr 24, 2026
SSTI
web
injection
advanced
critical
Apr 24, 2026
DOM XSS
web
xss
advanced
Apr 24, 2026
Path Traversal
web
file-operations
intermediate
Apr 24, 2026
XXE (XML External Entities)
web
file-operations
intermediate
advanced
Apr 24, 2026
Cache Poisoning
web
infrastructure
advanced
expert
Apr 24, 2026
HTTP/2 Attacks
web
infrastructure
advanced
expert
Apr 24, 2026
Open Redirect
web
infrastructure
beginner
intermediate
Apr 24, 2026
HTTP Request Smuggling
web
infrastructure
advanced
expert
Apr 24, 2026
Web Cache Deception
web
infrastructure
intermediate
advanced
Apr 24, 2026
Command Injection
web
injection
intermediate
advanced
Apr 24, 2026
CSRF
web
client-side
intermediate
Apr 24, 2026
Clickjacking
web
client-side
beginner
intermediate
Apr 24, 2026
Prototype Pollution
web
client-side
advanced
Apr 24, 2026
Subdomain Takeover
web
client-side
intermediate
Apr 24, 2026
WebSocket Security
web
client-side
intermediate
advanced
Apr 24, 2026
postMessage Vulnerabilities
web
client-side
intermediate
medium
high
polished
Apr 24, 2026
File Upload
web
file-operations
intermediate
advanced
Apr 24, 2026
CORS Misconfigurations
web
client-side
intermediate
Apr 24, 2026
IDOR
web
authorization
intermediate
Apr 24, 2026
Multi-Tenancy
web
authorization
advanced
Apr 24, 2026
Privilege Escalation
web
authorization
intermediate
advanced
Apr 24, 2026
Mass Assignment
web
business-logic
intermediate
Apr 24, 2026
Price Manipulation
web
business-logic
intermediate
Apr 24, 2026
Race Conditions
web
business-logic
intermediate
advanced
Apr 24, 2026
State Machine Bugs
web
business-logic
intermediate
advanced
Apr 24, 2026
BOLA
web
authorization
api
intermediate
advanced
Apr 24, 2026
OAuth
web
authentication
advanced
Apr 24, 2026
Password Reset
web
authentication
intermediate
advanced
Apr 24, 2026
SSO
web
authentication
advanced
expert
Apr 24, 2026
Session Management
web
authentication
intermediate
Apr 24, 2026
JWT Attacks
web
authentication
intermediate
advanced
Apr 24, 2026
Login Bypass
web
authentication
intermediate
Apr 24, 2026
MFA Bypass
web
authentication
intermediate
advanced