Welcome to nav1n.com
Nothing much to see here yet! Please come back again.
Connect with me on Twitter: @admin
Late night bug hunter - #BC, #H1 & #Intigriti | HoF @ #BMW, #SquareSpace, #UN, #MailRU, #Unilever, #Indeed, #IBM, #TransferWise, #BlueHost, #Sony, #Dell.
One more directory traversal done and dusted today.
2 SQL injections reported for a program, 1 accepted so far.
Multi-part POST request, fed bSQLI payload in all fields, got 403, bypassed using a fake input:
Content-Disposition: form-data; language="lang_id" with payload:
if(now()=sysdate(),sleep(xx),0) ==> SUCCESS!! #BugBounty
Just got duplicated 3 reports straight on a private program, and this one duplicated for a report that someone submitted 3 years ago.
If the company doesn't want to fix the reported issue, why do they run a Bug Bounty/VDP, btw? #BugBounty
The CVE-2019-5418 (Ruby on Rails Action View File Content Disclosure) is still vulnerable in the wild. I just submitted a report; knowing that it's a 3yo vulnerability, chances are high that it could be another duplicate of the day. #BugBounty