achievement_unlocked
@maxiolivera ha resuelto
SSRF via HTML Injection in PDF Generation
BBLABS.ESLab Resuelto
DifícilVDP
// achievement_unlocked
SSRF via HTML Injection in PDF Generation
SSRF
may 2026
MA
solved_by@maxioliveraMiembro desde abr 2026
bblabs.es// real bug bounty practice
dificultad
Difícil
posición
#3
completados
3
sobre_el_hacker
El track record de @maxiolivera
labs resueltos
10
flags capturadas
9
// últimos labs resueltos
Insane$1,200
Stored XSS to Domain Takeover
may 2026
Insane$600
0-click-ATO — Account Takeover via OTP Brute Force + Email Case-Sensitivity Bypass
may 2026
Insane$600
DOM XSS via postMessage → eval (cross-origin admin pwn)
may 2026
Difícil$500
IDOR via Predictable Checkout IDs
may 2026
Difícil$50
IDOR + CORS Chain Attack
may 2026
DifícilVDP
Web Cache Deception & BAC in /uploads
may 2026