Master Bug Bounty Hunting: Your Guide to Breaking into Cybersecurity for Newcomers

#bugs-and-errors

Articles tagged with #bugs-and-errors

CVE-2025-57205: Stored XSS in iNiLabs School Express 6.2 (SMS Express)
Discovered by: Michael Kim & Sergio MedeirosVendor: iNiLabsProduct: School Express – School Management System (SMS Express)Affected Version: 6.2 (other versions not tested)Impact: Arbitrary JavaScript Execution (Stored XSS)Attack Type: Remote (Authen...
Sep 20, 20254 min read469
CVE-2025-57203: Stored XSS in MagicAI 9.1 (AI Chat) Enables Arbitrary JavaScript Execution
Discovered by: Michael Kim & Sergio MedeirosVendor: LiquidThemesProduct: MagicAI (a.k.a. MagicProject AI)Affected version: 9.1 (other versions untested)Impact: Arbitrary JavaScript execution in users’ browsers (stored XSS)Attack type: Authenticated r...
Sep 20, 20257 min read142
My Journey to Passing the CAPenX Certification: A Guide for Aspiring Expert-Level AppSec Pentesters
Introduction: As a seasoned cybersecurity researcher and penetration tester, I am constantly on the lookout for certifications that sharpen my skills and keep me at the forefront of web application se
Nov 10, 20246 min read1.4K
CVE-2024-37629: Simple XSS Payload Exploits 0day Vulnerability in 10,000 Web Apps
The Power of Simplicity: A Bug Bounty Tale with Big Results
Jun 12, 20242 min read2.4K
CVE-2024-34240: Latest Stored XSS 0day Vulnerability Unveiled
How I Quickly Found a Stored XSS 0day in the QDOCS Smart School 7.0.0
May 21, 20242 min read1.1K
CVE-2024-34241: A Step-by-Step Discovery Guide
How I Found Several Stored XSS Bugs in Rocket LMS Version 1.9 in Under 10 Minutes
May 17, 20243 min read1.6K

Command Palette