SQL Injection – When vulnerable column reflects in URL (Imunify360)
July 28th, 2019 📆 | 3362 Views ⚑
Vulnerability: SQL injection Severity: High Owasp rank: (OTG-INPVAL-005) The Open Web Application Security Project (OWASP) is a worldwide free and
Author Archives: Vulnerables
Tagged with: column • imunify360 • injection • reflects • vulnerable
Stored XSS 1 in Jotform – Bug Bounty – (PoC)
April 16th, 2019 📆 | 3915 Views ⚑
URL: https://www.jotform.com Vulnerability: Cross-site scripting (stored XSS) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP) is
Tagged with: bounty • jotform • stored
SQL injection to Shell Walkthrough – (Vulnhub)
April 8th, 2019 📆 | 5967 Views ⚑
Pentester Lab: From SQL injection to Shell Link of the machine: https://www.vulnhub.com/entry/pentester-lab-from-sql-injection-to-shell,80/ The Open Web Application Security Project (OWASP) is
Tagged with: injection • shell • vulnhub • walkthrough
CSRF account takeover – Bug Bounty – (PoC)
April 1st, 2019 📆 | 7451 Views ⚑
URL: http://shutterfly.com Vulnerability: Cross site request forgery (CSRF) Severity: High Owasp rank: (OTG-SESS-005) The Open Web Application Security Project (OWASP)
Tagged with: account • bounty • takeover
SQL injection – Time/Boolean based blind Auto/Manual by Bot – (PoC)
February 27th, 2019 📆 | 6796 Views ⚑
Vulnerability: SQLi Severity: High Owasp rank: (OTG-INPVAL-005) The Open Web Application Security Project (OWASP) is a worldwide free and open
Tagged with: based • blind • boolean • injection • manual
Stored XSS with loop – (PoC)
February 12th, 2019 📆 | 6126 Views ⚑
Vulnerability: Cross-site scripting (Via Image upload) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP) is a
Tagged with: stored
File Upload XSS – Openbugbounty – (PoC)
January 21st, 2019 📆 | 3205 Views ⚑
URL: http://www.tribeofnoise.com Vulnerability: Cross-site scripting (Via Image upload) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP)
Tagged with: openbugbounty • upload
How to report CSRF via Openbugbounty
January 7th, 2019 📆 | 2654 Views ⚑
URL: http://fluence.io Vulnerability: Cross site request forgery (CSRF) Severity: High Owasp rank: (OTG-SESS-005) The Open Web Application Security Project (OWASP)
Tagged with: openbugbounty • report
CSRF account takeover by 3tachiUchiha – Bug Bounty – (PoC)
December 14th, 2018 📆 | 4322 Views ⚑
URL: http://sientries.co.uk Vulnerability: Cross site request forgery (CSRF) Severity: High Owasp rank: (OTG-SESS-005) The Open Web Application Security Project (OWASP)
Tagged with: 3tachiuchiha • account • bounty • takeover
Broken Authentication – Openbugbounty – (PoC)
November 28th, 2018 📆 | 5748 Views ⚑
URL: http://tribeofnoise.com Vulnerability: Broken Authentication Severity: High Owasp rank: (OTG-AUTHN-004) The Open Web Application Security Project (OWASP) is a worldwide
Tagged with: authentication • broken • openbugbounty
CSRF account takeover Explained – Manual/Automated – Bug Bounty – (PoC)
October 20th, 2018 📆 | 3062 Views ⚑
URL: http://openmenu.com Vulnerability: Cross site request forgery (CSRF) Severity: High Owasp rank: (OTG-SESS-005) The Open Web Application Security Project (OWASP)
Tagged with: account • automated • bounty • explained • manual • takeover
Stored XSS in Freshbooks – Bug Bounty – (PoC)
September 10th, 2018 📆 | 3797 Views ⚑
URL: https://www.freshbooks.com Vulnerability: Cross-site scripting (stored XSS) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP) is
Tagged with: bounty • freshbooks • stored
Stored XSS 2 in Jotform – Bug Bounty – (PoC)
July 13th, 2018 📆 | 8476 Views ⚑
URL: https://www.jotform.com Vulnerability: Cross-site scripting (stored XSS) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP) is
Tagged with: bounty • jotform • stored
Stored XSS 3 in Jotform – Bug Bounty – (PoC)
July 13th, 2018 📆 | 8243 Views ⚑
URL: https://www.jotform.com Vulnerability: Cross-site scripting (stored XSS) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP) is
Tagged with: bounty • jotform • stored
Stored XSS 4 in Jotform – Bug Bounty – (PoC)
July 13th, 2018 📆 | 7939 Views ⚑
URL: https://www.jotform.com Vulnerability: Cross-site scripting (stored XSS) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP) is
Tagged with: bounty • jotform • stored
Stored XSS 5 in Jotform – Bug Bounty – (PoC)
July 13th, 2018 📆 | 5871 Views ⚑
URL: https://www.jotform.com Vulnerability: Cross-site scripting (stored XSS) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP) is
Tagged with: bounty • jotform • stored
SQL injection – Base64 encode decode – (Mod_security WAF bypass)
June 12th, 2018 📆 | 4882 Views ⚑
Vulnerability: SQL injection (WAF bypass) Severity: High Owasp rank: (OTG-INPVAL-005) The Open Web Application Security Project (OWASP) is a worldwide
Tagged with: base64 • bypass • decode • encode • injection • security
SQL injection – Find vulnerable column behind image
May 15th, 2018 📆 | 7071 Views ⚑
Vulnerability: SQLi Severity: High Owasp rank: (OTG-INPVAL-005) The Open Web Application Security Project (OWASP) is a worldwide free and open
Tagged with: behind • column • image • injection • vulnerable
SQL injection – injecting tourism website running codeigniter
May 1st, 2018 📆 | 5139 Views ⚑
Vulnerable URL: https://www.gujarattourism.com/ Vulnerability: SQLi (No WAF) Severity: High Owasp rank: (OTG-INPVAL-005) The Open Web Application Security Project (OWASP) is
Tagged with: codeigniter • injecting • injection • running • tourism • website
SQL injection – Get Server MAC, HOSTNAME – (WAF bypass)
March 31st, 2018 📆 | 7331 Views ⚑
Vulnerability: SQLi Severity: High Owasp rank: (OTG-INPVAL-005) The Open Web Application Security Project (OWASP) is a worldwide free and open
Tagged with: bypass • hostname • injection • server
12
Popular
The best security conferences of 2021 December 21, 2020 The COVID-19 pandemic certainly threw a monkey wrench into the…
A second hacking group has targeted SolarWinds systems December 21, 2020 As forensic evidence is slowly being unearthed in the aftermath…
GitLab 11.4.7 – Remote Code Execution (Authenticated) December 20, 2020 # Exploit Title: GitLab 11.4.7 Authenticated Remote Code Execution (No…
Rioters Open Capitol’s Doors to Potential Cyberthreats January 7, 2021 Business Continuity Management / Disaster Recovery , Critical Infrastructure Security…
WordPress Contact Form 7 5.3.1 Shell Upload ≈ Packet Storm December 22, 2020 # Exploit Title: Wordpress Plugin Contact Form 7 5.3.1 -…
Windows 10 bug corrupts your hard drive on seeing… January 15, 2021 An unpatched zero-day in Microsoft Windows 10 allows attackers to…- Oracle Solaris SunSSH PAM parse_user_name() Buffer… December 18, 2020 ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule…
Members
Comments