achievement_unlocked
@maxiolivera ha resuelto
Web Cache Deception & BAC in /uploads
BBLABS.ESLab Resuelto
DifícilVDP
// achievement_unlocked
Web Cache Deception & BAC in /uploads
Auth BypassBAC
may 2026
MA
solved_by@maxioliveraMiembro desde abr 2026
bblabs.es// real bug bounty practice
dificultad
Difícil
posición
#4
completados
4
sobre_el_hacker
El track record de @maxiolivera
labs resueltos
10
flags capturadas
9
// últimos labs resueltos
Insane$1,200
Stored XSS to Domain Takeover
may 2026
Insane$600
0-click-ATO — Account Takeover via OTP Brute Force + Email Case-Sensitivity Bypass
may 2026
Insane$600
DOM XSS via postMessage → eval (cross-origin admin pwn)
may 2026
Difícil$500
IDOR via Predictable Checkout IDs
may 2026
Difícil$50
IDOR + CORS Chain Attack
may 2026
DifícilVDP
Web Cache Deception & BAC in /uploads
may 2026