All authors

Yashar Shahinzadeh

Security Enthusiast

I spend my spare time on bug bounty and research. I've been working in this field for more than 20 years. Still fascinating.

TwitterGithubEmail
— Posts 13 / 13
  1. 2026 · 06 · 09

    Three 0-Day Vulnerabilities in Adminer
  2. 2026 · 06 · 03

    My First RCE by Reverse Engineering an EXE File With the Help of AI
  3. 2026 · 05 · 19

    Two cPanel Zero Day Vulnerabilities
  4. 2026 · 03 · 21

    Story of Abusing a Fully Secured redirect_uri in an OAuth Flow
  5. 2026 · 02 · 23

    uXSS on Samsung Browser [CVE-2025-58485 · SVE-2025-1879]
  6. 2025 · 08 · 09

    Hacking Veeam: Several CVEs and $30k Bounties
  7. 2025 · 06 · 01

    Puny-Code, 0-Click Account Takeover
  8. 2025 · 02 · 15

    CSS Data Exfiltration to Steal OAuth Token
  9. 2024 · 11 · 19

    From an Android Hook to RCE: $5000 Bounty
  10. 2024 · 10 · 23

    A Weird CSP Bypass led to $3.5k Bounty
  11. 2024 · 10 · 11

    Drilling the redirect_uri in OAuth
  12. 2024 · 09 · 17

    Account Takeover due to DNS Rebinding
  13. 2023 · 10 · 20

    Bug Bounty Roadmap from Scratch