Skip to content

Houzz Security Hall of Fame: Blind Based SQL Injection (SQLI)

In 2016, I discovered a blind based SQL injection (SQLI) vulnerability on the Houzz website.

Daniel Kelley
Daniel Kelley
Houzz Security Hall of Fame: Blind Based SQL Injection (SQLI)

Table of Contents

In 2016, I discovered a blind based SQL injection (SQLI) vulnerability on the https://www.houzz.com/ website.

bug bounty hunting
Daniel Kelley

Daniel Kelley Twitter

I'm a reformed black hat computer hacker that has contributed to over 100 bug bounty programs.

Comments

Related Posts

Members Public

Open Bug Bounty: 3048 Patched Vulnerabilities

Over a 36 month period, I helped remediate 3048 vulnerabilities through Open Bug Bounty.

Open Bug Bounty: 3048 Patched Vulnerabilities
Members Public

BBC Security Hall of Fame: Reflective XSS Vulnerability

In 2018, I discovered a GET-based reflective cross-site-scripting (XSS) vulnerability on the homepage of the BBC.

BBC Security Hall of Fame: Reflective XSS Vulnerability
Members Public

University of Twente Security Hall of Fame: Remote Command Execution (RCE)

In 2018, I discovered a remote command execution (RCE) vulnerability on University of Twente's website.

University of Twente Security Hall of Fame: Remote Command Execution (RCE)