Category: Mix
Client-side path traversal vulnerability class explained – $6,580 GitLab bug bounty
How long does it take for a bug to get squashed, or for a pull request to be merged? What…
Axiom Demo – Resolving 6 million domains in 5 minutes with 100 instances!
So you want to be a hack super star? And live large, a big house, five cars. Let me preface…
Over the last ten years, we have seen the industrialization of the content management space. A decade ago, it felt…
The Vulnerability: The Apache Tomcat team announced today that all Tomcat versions before 9.0.1 (Beta), 8.5.23, 8.0.47 and 7.0.82 contain…
This post is an overview of a mobile app MitM vulnerability I’ve found several times in the real world. I’ll…
Impact: When using --userns-remap, if the root user in the remapped namespace has access to the host filesystem they can…
Compromising an unreachable Solr server with CVE-2013-6397: I recently did a pentest where I compromised a Solr server located several…
The Wallarm Detect team has found exploit attempts in the wild of CVE-2022-31678 and CVE-2021-39144. The original vulnerabilities were found…
How to conduct a basic security code review | Security Simplified
Two solutions for the January 2021 Intigriti XSS Challenge