Report a Vulnerability
Submit, help fixing, get kudos.
Start a Bug Bounty
Run your bounty program for free.
541,636 coordinated disclosures
348,254 fixed vulnerabilities
816 bug bounties with 1,594 websites
16,694 researchers, 1133 honor badges

Taba | Security Researcher Profile


Security researcher Taba has already helped fix 9 vulnerabilities.



Researcher reputation:  40

Real name:
Mahmoud

How to contact me:
[email protected]

Alternative Contacts:
[email protected]

Certifications & Diplomas:
Bsc. in pharmacy

Award / Bug Bounty I prefer:
* Bug bounty via PayPal: [email protected]
* Hall of Fame.
* Acknowledgment.
* Recommendation on my profile.

Halls of Fame:
Mahmoud Elnagi

Follow me on:
Twitter

Recommendations and Acknowledgements

    2 March, 2020
     phistrom Phillip from The Stromberg Group:
We really appreciate your help identifying an XSS exploit on our website. Your responsible disclosure and example URL allowed us to immediately find and correct the problem. Thank you for your hard work to make the internet a safer place.
    17 February, 2020
     juunkwan juukwan from AID-DCC:
Thank you for your polite response.
It was very helpful.

Please login via Twitter to add a recommendation

Honor Badges


Number of Secured Websites

10+ Websites
50+ Websites
500+ Websites
WEB SECURITY VETERAN
1000+ Websites

Advanced Security Research

WAF Bypasser
CSRF Master
30+ Reports
AppSec Logic Master
30+ Reports
Fastest Fix
Fix in 24 hours

Outstanding Achievements

Secured OBB
OBB Advocate
Improved OBB

Commitment to Remediate and Patch

Patch Master
55% Patched
Patch Guru
65% Patched
Patch Lord
75% Patched

Recommendations and Recognition

REPUTABLE
10+ Recommends
FAMOUS
25+ Recommends
GLOBALLY TRUSTED
50+ Recommends

Distinguished Blog Author

1 Post
3 Posts
5+ Posts

Research Statistics



Total reports:63
Total reports on VIP sites:17
Total patched vulnerabilities:9
Total vulnerabilities on Hold (Open Bug Bounty):1
Recommendations received:2
Active since:12.02.2020



No posts in blog yet


Reported Vulnerabilities

All Submissions VIP SubmissionsFeatured Submissions

Domain Reported Status Type
11.04.2020
On Hold
Improper Access Control 
09.04.2020
unpatched
Cross Site Scripting
09.04.2020
unpatched
Cross Site Scripting
06.04.2020
unpatched
Cross Site Scripting
06.04.2020
unpatched
Cross Site Scripting
05.04.2020
unpatched
CSRF
05.04.2020
unpatched
Cross Site Scripting
05.04.2020
unpatched
Cross Site Scripting
04.04.2020
unpatched
Cross Site Scripting
03.04.2020
unpatched
Cross Site Scripting
03.04.2020
unpatched
Cross Site Scripting
03.04.2020
unpatched
Cross Site Scripting
03.04.2020
unpatched
Cross Site Scripting
03.04.2020
unpatched
Open Redirect
02.04.2020
unpatched
CSRF
02.04.2020
unpatched
CSRF
02.04.2020
unpatched
Cross Site Scripting
01.04.2020
unpatched
Cross Site Scripting
01.04.2020
unpatched
Cross Site Scripting
01.04.2020
unpatched
CSRF

  Latest Patched

 09.07.2020 axfc.net
 08.07.2020 arise.com
 08.07.2020 bloter.net
 08.07.2020 adzuna.com.au
 08.07.2020 tuniscope.com
 08.07.2020 jimms.fi
 08.07.2020 daniweb.com
 07.07.2020 wikizero.com
 07.07.2020 thimpress.com
 07.07.2020 kayqer.am

  Latest Blog Posts

24.06.2020 by Gkexamquiz
How to Find Contacts To Report Bugs & Security Vulnerabilities | Bug Bounty Tutorials 2020
24.06.2020 by 0xcrypto
Improper Access Control - Generic: Unrestricted access to any "connected pack" on docs in coda.io
04.04.2020 by Rando02355205
(Alibaba) message.alibaba.com [IDOR] - [Bug Bounty]
12.03.2020 by Rando02355205
(Paypal) www.paypal.com [CSP High Level] - [XSS Reflected] - [Bug Bounty] - [Write Up]
08.03.2020 by CybeReports
JDECO.net XSS Vulnerability| CybeReports

  Recent Recommendations

    8 July, 2020
     baladulan:
Armin, vielen Dank für deine Unterstützung!
    6 July, 2020
     aldraHastur:
Vielen Dank für den Hinweis, mit dem wir eine Lücke im System schließen konnten.
    4 July, 2020
     TadeuszWiew:
Thank you for finding and reporting the vulnerability on our website.
Great job! :)
    2 July, 2020
     booksprice:
Thank you for reporting the bug, and the clear details, much appreciated.
    1 July, 2020
     matthews8000:
Manish has correctly identified a vulnerability and suggested an appropriate fix. This has lead to an improvement in the security of the website.