PinnedMisconfiguration Leads to P1 XSSReflected XSS via Misconfiguration in Get ParameterOct 31, 20232Oct 31, 20232
HTB UNIV ctf 24 (Armaxix - WEB)In this writeup, we’ll explore a lab instead of focusing on a new bug in bug bounty. While CTF challenges teach us a lot, they often differ…Dec 17, 2024Dec 17, 2024
RCE via Dependency Confusion: A Real-World Attack on Unclaimed npm PackagesHacking Servers Through Misconfigured Node.js PackagesNov 5, 20243Nov 5, 20243
Uncovering Path Traversal Through Host MonitoringAutomating Host Monitoring for More TargetsOct 12, 2024Oct 12, 2024
Self-XSS via filename + CSRF on contact us ‘multipart/data’ formExploiting Filename Reflection and CSRF in Contact Forms: A Detailed RXSS WalkthroughMay 28, 20244May 28, 20244
Unlocking XSS Vulnerabilities: A Simple Technique for Bug HuntersSimple Trick To Get XSSSep 13, 2023Sep 13, 2023