[GraphQL IDOR]Leaking credit card information of 1000s of users

The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover

Zomatoooo! IDOR in Saved Payments

Authorization bypass due to cache misconfiguration

How I got my first $13500 bounty through Parameter Polluting (HPP)

A Creative Way To Get Someones YouTube Videos Deleted + A Copyright Strike Against Their YouTube Channel