My Bug Bounty Journey and My First Critical Bug — Time Based Blind SQL Injection

Directory Traversal, SQL Injection and Server-Side Request Forgery

Breaking Down Barriers: Exploiting Pre-Auth SQL Injection In WhatsUp Gold - CVE-2024-6670

Bypassing airport security via SQL injection

World of SELECT-only PostgreSQL Injections: (Ab)using the filesystem

Exploiting authorization by nonce in WordPress plugins