Business
Bug Bounty Program
Cybersecurity Audits
DualDefense Audit
The Security Expansion Program
Partners
Hackers
Start hacking
Leaderboard
Auditors team
Learn ERC-4337
Security AI Agents
Bounties
Audits
National CTF
NEW
National CTF
NEW
Bounties
Audits
Blog
Contacts
Community
Menu
Blog
Contacts
Community
Menu
KYC
@OctaYus
Member since:
October 25, 2024
Egypt
Available for hire
Rank
1556
Reputation
172
Paid Reports
0
About
Reports (0)
Influenced Programs (2)
Achievements (0)
:]
Reports (0)
No disclosed reports at the moment
This user has no disclosed reports or reports are in review.
Own articles
Dependency Confusion RCE Vulnerability Report
By publishing a malicious package with the same name, an attacker could execute arbitrary commands during the company’s build or CI pipeline, leading to full compromise of the environment.
Authorization Bypass via Response Manipulation
If an attacker could modify the response from that endpoint, they could impersonate an admin and perform unauthorized actions.
Logic Flaw Allows Unlimited Likes on Videos
A critical business logic vulnerability was discovered in redacted.com's video reaction system, enabling unlimited like inflation through GraphQL mutation replay attacks. The flaw allows any authenticated user to artificially boost engagement metrics by repeatedly sending the same "like" request, as the backend:
Paid Reports (0)
Critical
0
High
0
Medium
0
Low
0
None
0
Streak
Aug
Sep
Oct
Nov
Dec
Jan
Feb
Mar
Apr
May
Jun
Jul
Skills
Web
smart contract
apps
blockchain
Influenced Programs (2)
View all