6:["$","$L2f",null,{"initialItems":[{"postId":"68ad3d69941ce7d2cc1011d1","slug":"from-latex-injection-to-rce-a-real-bug-bounty-case","title":"From LaTeX Injection to RCE: A Real Bug Bounty Case","publishedAt":"2025-08-26T04:51:53.209Z","authorName":"Ali Hussainzada","authorUsername":"koalasec","authorAvatarUrl":"https://cdn.hashnode.com/res/hashnode/image/upload/v1726064924469/5a7a1283-a7e4-4528-9415-34bbfc22a030.png?w=80&h=80&fit=crop&crop=faces&w=500&h=500&fit=crop&crop=entropy&auto=compress,format&format=webp&auto=compress,format&format=webp","commentType":"reply","commentSource":"post","commentPermalink":"/posts/from-latex-injection-to-rce-a-real-bug-bounty-case/68ac2cbf9f3f7b53ce6b4fdb/comment/68ac6a8201f43c5cfe4f1fc2#reply-68ad3d69941ce7d2cc1011d1","parentThreadTitle":"From LaTeX Injection to RCE: A Real Bug Bounty Case","parentThreadSlug":"from-latex-injection-to-rce-a-real-bug-bounty-case","parentThreadHref":"/posts/from-latex-injection-to-rce-a-real-bug-bounty-case/68ac2cbf9f3f7b53ce6b4fdb","contentHtml":"

Yes, and that is the unclear thing i insist the triages to provide more info.

\n","upvotes":0},{"postId":"68a6a2bdcf1e844e257c9484","slug":"hunting-vulnerabilities-and-securing-mizbanapp-mass-assignment-and-idor","title":"Hunting Vulnerabilities and Securing MizbanApp: Mass Assignment & IDOR","publishedAt":"2025-08-21T04:38:21.198Z","authorName":"Ali Hussainzada","authorUsername":"koalasec","authorAvatarUrl":"https://cdn.hashnode.com/res/hashnode/image/upload/v1726064924469/5a7a1283-a7e4-4528-9415-34bbfc22a030.png?w=80&h=80&fit=crop&crop=faces&w=500&h=500&fit=crop&crop=entropy&auto=compress,format&format=webp&auto=compress,format&format=webp","commentType":"reply","commentSource":"post","commentPermalink":"/posts/hunting-vulnerabilities-and-securing-mizbanapp-mass-assignment-and-idor/68a44d485affed0780433308/comment/68a600d7fde708f14500b8de#reply-68a6a2bdcf1e844e257c9484","parentThreadTitle":"Hunting Vulnerabilities and Securing MizbanApp: Mass Assignment & IDOR","parentThreadSlug":"hunting-vulnerabilities-and-securing-mizbanapp-mass-assignment-and-idor","parentThreadHref":"/posts/hunting-vulnerabilities-and-securing-mizbanapp-mass-assignment-and-idor/68a44d485affed0780433308","contentHtml":"

Thanks\nYes, I know. \nThey said it is patched in staging app, and will implement a fix to the main app soon.\nHappy to see that you tested by yourself, do not make any malicious action man :)

\n","upvotes":0},{"postId":"68a6a24387cb5557865321e9","slug":"hunting-vulnerabilities-and-securing-mizbanapp-mass-assignment-and-idor","title":"Hunting Vulnerabilities and Securing MizbanApp: Mass Assignment & IDOR","publishedAt":"2025-08-21T04:36:19.404Z","authorName":"Ali Hussainzada","authorUsername":"koalasec","authorAvatarUrl":"https://cdn.hashnode.com/res/hashnode/image/upload/v1726064924469/5a7a1283-a7e4-4528-9415-34bbfc22a030.png?w=80&h=80&fit=crop&crop=faces&w=500&h=500&fit=crop&crop=entropy&auto=compress,format&format=webp&auto=compress,format&format=webp","commentType":"reply","commentSource":"post","commentPermalink":"/posts/hunting-vulnerabilities-and-securing-mizbanapp-mass-assignment-and-idor/68a44d485affed0780433308/comment/68a5e37b29f21c2426cd06af#reply-68a6a24387cb5557865321e9","parentThreadTitle":"Hunting Vulnerabilities and Securing MizbanApp: Mass Assignment & IDOR","parentThreadSlug":"hunting-vulnerabilities-and-securing-mizbanapp-mass-assignment-and-idor","parentThreadHref":"/posts/hunting-vulnerabilities-and-securing-mizbanapp-mass-assignment-and-idor/68a44d485affed0780433308","contentHtml":"

Thank you for reading this :)

\n","upvotes":0},{"postId":"685b77103387490167d92b8d","slug":"4500-bounties-on-a-single-web-application-api-hacking","title":"4500$ bounties on a single Web Application (API Hacking)","publishedAt":"2025-06-25T04:12:00.272Z","authorName":"Ali Hussainzada","authorUsername":"koalasec","authorAvatarUrl":"https://cdn.hashnode.com/res/hashnode/image/upload/v1726064924469/5a7a1283-a7e4-4528-9415-34bbfc22a030.png?w=80&h=80&fit=crop&crop=faces&w=500&h=500&fit=crop&crop=entropy&auto=compress,format&format=webp&auto=compress,format&format=webp","commentType":"reply","commentSource":"post","commentPermalink":"/posts/4500-bounties-on-a-single-web-application-api-hacking/67224f2c1a24c8e7bcdc8a71/comment/685b410ffb290cf08ac250d4#reply-685b77103387490167d92b8d","parentThreadTitle":"4500$ bounties on a single Web Application (API Hacking)","parentThreadSlug":"4500-bounties-on-a-single-web-application-api-hacking","parentThreadHref":"/posts/4500-bounties-on-a-single-web-application-api-hacking/67224f2c1a24c8e7bcdc8a71","contentHtml":"

Thanks for your kind words, I much appreciate it.

\n","upvotes":0},{"postId":"685983f61706ca108a89bc25","slug":"is-csrf-dead-discovering-and-exploiting-csrf-vulnerabilities-in-modern-web-apps","title":"Is CSRF Dead? Discovering and Exploiting CSRF vulnerabilities in Modern Web Apps","publishedAt":"2025-06-23T16:42:30.321Z","authorName":"Ali Hussainzada","authorUsername":"koalasec","authorAvatarUrl":"https://cdn.hashnode.com/res/hashnode/image/upload/v1726064924469/5a7a1283-a7e4-4528-9415-34bbfc22a030.png?w=80&h=80&fit=crop&crop=faces&w=500&h=500&fit=crop&crop=entropy&auto=compress,format&format=webp&auto=compress,format&format=webp","commentType":"reply","commentSource":"post","commentPermalink":"/posts/is-csrf-dead-discovering-and-exploiting-csrf-vulnerabilities-in-modern-web-apps/68554a29aed28609fed4dd8a/comment/68566a865654508d6907d0bc#reply-685983f61706ca108a89bc25","parentThreadTitle":"Is CSRF Dead? Discovering and Exploiting CSRF vulnerabilities in Modern Web Apps","parentThreadSlug":"is-csrf-dead-discovering-and-exploiting-csrf-vulnerabilities-in-modern-web-apps","parentThreadHref":"/posts/is-csrf-dead-discovering-and-exploiting-csrf-vulnerabilities-in-modern-web-apps/68554a29aed28609fed4dd8a","contentHtml":"

Thanks man, Sure:)

\n","upvotes":0},{"postId":"67e776f3052f0679fc8f8154","slug":"2500-dollars-in-bounties-hacking-graphql","title":"2500 Dollars in bounties, Hacking GraphQL","publishedAt":"2025-03-29T04:28:35.977Z","authorName":"Ali Hussainzada","authorUsername":"koalasec","authorAvatarUrl":"https://cdn.hashnode.com/res/hashnode/image/upload/v1726064924469/5a7a1283-a7e4-4528-9415-34bbfc22a030.png?w=80&h=80&fit=crop&crop=faces&w=500&h=500&fit=crop&crop=entropy&auto=compress,format&format=webp&auto=compress,format&format=webp","commentType":"reply","commentSource":"post","commentPermalink":"/posts/2500-dollars-in-bounties-hacking-graphql/67e6c778436074e978b6be19/comment/67e6e53b77a90e5caf909786#reply-67e776f3052f0679fc8f8154","parentThreadTitle":"2500 Dollars in bounties, Hacking GraphQL","parentThreadSlug":"2500-dollars-in-bounties-hacking-graphql","parentThreadHref":"/posts/2500-dollars-in-bounties-hacking-graphql/67e6c778436074e978b6be19","contentHtml":"

Thanks!

\n","upvotes":0},{"postId":"67e776dad96266479ed133f9","slug":"2500-dollars-in-bounties-hacking-graphql","title":"2500 Dollars in bounties, Hacking GraphQL","publishedAt":"2025-03-29T04:28:10.724Z","authorName":"Ali Hussainzada","authorUsername":"koalasec","authorAvatarUrl":"https://cdn.hashnode.com/res/hashnode/image/upload/v1726064924469/5a7a1283-a7e4-4528-9415-34bbfc22a030.png?w=80&h=80&fit=crop&crop=faces&w=500&h=500&fit=crop&crop=entropy&auto=compress,format&format=webp&auto=compress,format&format=webp","commentType":"reply","commentSource":"post","commentPermalink":"/posts/2500-dollars-in-bounties-hacking-graphql/67e6c778436074e978b6be19/comment/67e6e2cc586fcca2b283803f#reply-67e776dad96266479ed133f9","parentThreadTitle":"2500 Dollars in bounties, Hacking GraphQL","parentThreadSlug":"2500-dollars-in-bounties-hacking-graphql","parentThreadHref":"/posts/2500-dollars-in-bounties-hacking-graphql/67e6c778436074e978b6be19","contentHtml":"

Thanks, glad to hear that!

\n","upvotes":0},{"postId":"67238894dde08b392f1958a5","slug":"4500-bounties-on-a-single-web-application-api-hacking","title":"4500$ bounties on a single Web Application (API Hacking)","publishedAt":"2024-10-31T13:39:32.383Z","authorName":"Ali Hussainzada","authorUsername":"koalasec","authorAvatarUrl":"https://cdn.hashnode.com/res/hashnode/image/upload/v1726064924469/5a7a1283-a7e4-4528-9415-34bbfc22a030.png?w=80&h=80&fit=crop&crop=faces&w=500&h=500&fit=crop&crop=entropy&auto=compress,format&format=webp&auto=compress,format&format=webp","commentType":"reply","commentSource":"post","commentPermalink":"/posts/4500-bounties-on-a-single-web-application-api-hacking/67224f2c1a24c8e7bcdc8a71/comment/67237c69ecfe2b0883c56a87#reply-67238894dde08b392f1958a5","parentThreadTitle":"4500$ bounties on a single Web Application (API Hacking)","parentThreadSlug":"4500-bounties-on-a-single-web-application-api-hacking","parentThreadHref":"/posts/4500-bounties-on-a-single-web-application-api-hacking/67224f2c1a24c8e7bcdc8a71","contentHtml":"

Thank you! 🙏 Your kind words mean a lot to me. Perseverance is key, and I'm grateful for the support from amazing people like you. Let’s keep striving for our goals together

\n","upvotes":0},{"postId":"67232eb5d842564d951fa768","slug":"4500-bounties-on-a-single-web-application-api-hacking","title":"4500$ bounties on a single Web Application (API Hacking)","publishedAt":"2024-10-31T07:16:05.645Z","authorName":"Ali Hussainzada","authorUsername":"koalasec","authorAvatarUrl":"https://cdn.hashnode.com/res/hashnode/image/upload/v1726064924469/5a7a1283-a7e4-4528-9415-34bbfc22a030.png?w=80&h=80&fit=crop&crop=faces&w=500&h=500&fit=crop&crop=entropy&auto=compress,format&format=webp&auto=compress,format&format=webp","commentType":"reply","commentSource":"post","commentPermalink":"/posts/4500-bounties-on-a-single-web-application-api-hacking/67224f2c1a24c8e7bcdc8a71/comment/6723089ce92b4b0741465cca#reply-67232eb5d842564d951fa768","parentThreadTitle":"4500$ bounties on a single Web Application (API Hacking)","parentThreadSlug":"4500-bounties-on-a-single-web-application-api-hacking","parentThreadHref":"/posts/4500-bounties-on-a-single-web-application-api-hacking/67224f2c1a24c8e7bcdc8a71","contentHtml":"

Thank you so much! 🙌 I'm thrilled to hear that you found it inspiring. If you're interested in diving in, just go for it! The journey is rewarding, and I'm here if you have any questions along the way. Let’s keep pushing each other to achieve great things.

\n","upvotes":0},{"postId":"6722fb540b3b9091b44e94c6","slug":"4500-bounties-on-a-single-web-application-api-hacking","title":"4500$ bounties on a single Web Application (API Hacking)","publishedAt":"2024-10-31T03:36:52.860Z","authorName":"Ali Hussainzada","authorUsername":"koalasec","authorAvatarUrl":"https://cdn.hashnode.com/res/hashnode/image/upload/v1726064924469/5a7a1283-a7e4-4528-9415-34bbfc22a030.png?w=80&h=80&fit=crop&crop=faces&w=500&h=500&fit=crop&crop=entropy&auto=compress,format&format=webp&auto=compress,format&format=webp","commentType":"reply","commentSource":"post","commentPermalink":"/posts/4500-bounties-on-a-single-web-application-api-hacking/67224f2c1a24c8e7bcdc8a71/comment/6722f9a0df77a3f7f61b5e0d#reply-6722fb540b3b9091b44e94c6","parentThreadTitle":"4500$ bounties on a single Web Application (API Hacking)","parentThreadSlug":"4500-bounties-on-a-single-web-application-api-hacking","parentThreadHref":"/posts/4500-bounties-on-a-single-web-application-api-hacking/67224f2c1a24c8e7bcdc8a71","contentHtml":"

Thank you! It really means a lot. I’m definitely motivated to keep pushing for more wins. Wishing you all the success in your own journey too :)

\n","upvotes":0}],"initialHasMore":true,"loadMoreUrl":"/api/profile/comments?limit=10&userId=66e18b5db61b2fb9880e0ce2","author":{"name":"Ali Hussainzada","username":"koalasec","avatarUrl":"https://cdn.hashnode.com/res/hashnode/image/upload/v1726064924469/5a7a1283-a7e4-4528-9415-34bbfc22a030.png?w=80&h=80&fit=crop&crop=faces&w=500&h=500&fit=crop&crop=entropy&auto=compress,format&format=webp&auto=compress,format&format=webp"}}]

Ali Hussainzada

About

Available for

Ali Hussainzada's blogs

Search Hashnode

Ali Hussainzada

About

Available for

Ali Hussainzada's blogs