Stealing OAuth tokens of connected Microsoft accounts via open redirect in Harvest App October 21, 2023 ◦ 4 min ◦ Security #OAuth #Open Redirect #Harvest #HackerOne #Microsoft #Token Leak #Bug Bounty
Breaking The Mutant Language's "Encryption (Writeup)" August 15, 2023 ◦ 22 min ◦ Security #Mutant Programming Language #AppSec Village #DEF CON 31 #CTF^2 #encryption #decompiler #reverse engineering
CraftCMS Zero-day Chain: XSS to SSTI triggering RCE Public Disclosure of CVE-2021-27902 and CVE-2021-27903 July 29, 2021 ◦ 14 min ◦ Security #CraftCMS #XSS #SSTI #RCE #bug bounty #stored cross site scripting #server side template injection #remote code execution #CVE-2021-27902 #CVE-2021-27903
FILTER_VALIDATE_URL bypass in PHP 8 July 16, 2021 ◦ 1 min ◦ Security #php #filter_validate_url #bypass #SSRF #Huntr #bug bounty #CVE-2021-21705
Untrusted code execution in PHPMailer July 10, 2021 ◦ 1 min ◦ Security #untrusted code execution #PHPMailer #Huntr #bug bounty #CVE-2021-3603 #PHP
active_url validation check bypass in Laravel June 12, 2021 ◦ 1 min ◦ Security #laravel #validation #bypass #active_url #Huntr #bug bounty
POP Gadget using function injection in RequiredIf June 12, 2021 ◦ 1 min ◦ Security #laravel #validation #gadget chain #RequiredIf #Huntr #bug bounty
Code Execution via Cross Site Scripting in Tagspaces (A file manager) June 11, 2021 ◦ 1 min ◦ Security #code execution #cross site scripting #TagSpaces #Huntr #bug bounty
Relative Path Traversal in Flarum using fake OAuth Provider June 11, 2021 ◦ 1 min ◦ Security #path traversal #Flarum #Huntr #bug bounty #OAuth Provider
XSS in Unified Transform (A school management software) May 18, 2021 ◦ 1 min ◦ Security #cross site scripting #Unified Transform #Huntr #bug bounty #stored cross site scripting #school management software #account takeover
Stored Cross Site Scripting in October CMS April 3, 2021 ◦ 1 min ◦ Security #cross site scripting #October CMS #Huntr #bug bounty #stored cross site scripting
Cross Site Scripting in digidocu March 30, 2021 ◦ 1 min ◦ Security #cross site scripting #digidocu #Huntr #bug bounty #stored xss
Internal IP Address leak in Misconfigured WordPress to bypass WAF December 27, 2020 ◦ 3 min ◦ Security #wordpress #web application firewall #cloudflare #ip address disclosure #open redirect #wp_safe_redirect #wp_validate_redirect #wp_redirect #wp_home #wp_siteurl
Account Takeover on unverified emails in File Sync & Share in Acronis June 24, 2020 ◦ 1 min ◦ Security #account takeover #unverified emails #File Sync & Share #Acronis #HackerOne #bug bounty
Open Redirect in Flattr June 11, 2020 ◦ 1 min ◦ Security #open redirect #Flattr #bug bounty #HackerOne #bugbountytips
Unrestricted access to any "connected pack" in docs in coda.io June 24, 2020 ◦ 1 min ◦ Security #Broken Access Control #coda.io #HackerOne #bug bounty #trial feature #coda connected pack