burp-suite 8
- Information Disclosure – Sensitive Debug Header Leakage via Response Metadata | Header Hunt
- Command Injection & Broken Function Level Authorization | NewsForge
- Local File Inclusion via PHP Stream Wrappers | DocketHive
- Mass Assignment Leading to Admin Account Creation | Trellis
- Command Injection via Filename Parameter Leading to Remote Code Execution | Quotin
- IDOR in Order Access – Unauthorized Order Data Exposure | Hartwood
- Race Condition in Cart and Checkout Flow – Multi-Item Purchase for Single Charge | Cafe Club
- SQL Injection – UNION-Based Credential Extraction via Profile API | Ottergram