Skip to content
Warning
: Trying to access array offset on value of type null in
/home/bugbount/public_html/wp-content/plugins/citadela-pro/plugin/Custom_Header/Feature.php
on line
309
BugBountyBlog.com
Let's see what this Bug Bounty thing is all about
Home
Blog
Bug Bounty Resources
Bug Bounty Tips
Bug Bounty Recon
Bug Bounty Dorks
Bug Bounty News Feed
Contact
Blind Stored XSS in shopify internal Parquet Viewer
Posted on
February 9, 2024
by
bugbounty
Shopify disclosed a bug submitted by testingforbugs: https://hackerone.com/reports/1103298
[
Source
]
Post navigation
xmlrpc.php &wp-cron.php files are enabled, and will used for (DDOS),(DOS) and broutforce users attack.
File listing through scripts folder