SQL Injection – When vulnerable column reflects in URL (Imunify360)
July 28th, 2019 📆 | 2941 Views ⚑
Vulnerability: SQL injection Severity: High Owasp rank: (OTG-INPVAL-005) The Open Web Application Security Project (OWASP) is a worldwide free and
Author Archives: Vulnerables
Tagged with: column • imunify360 • injection • reflects • vulnerable
Stored XSS 1 in Jotform – Bug Bounty – (PoC)
April 16th, 2019 📆 | 2690 Views ⚑
URL: https://www.jotform.com Vulnerability: Cross-site scripting (stored XSS) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP) is
Tagged with: bounty • jotform • stored
SQL injection to Shell Walkthrough – (Vulnhub)
April 8th, 2019 📆 | 2520 Views ⚑
Pentester Lab: From SQL injection to Shell Link of the machine: https://www.vulnhub.com/entry/pentester-lab-from-sql-injection-to-shell,80/ The Open Web Application Security Project (OWASP) is
Tagged with: injection • shell • vulnhub • walkthrough
CSRF account takeover – Bug Bounty – (PoC)
April 1st, 2019 📆 | 2399 Views ⚑
URL: http://shutterfly.com Vulnerability: Cross site request forgery (CSRF) Severity: High Owasp rank: (OTG-SESS-005) The Open Web Application Security Project (OWASP)
Tagged with: account • bounty • takeover
SQL injection – Time/Boolean based blind Auto/Manual by Bot – (PoC)
February 27th, 2019 📆 | 2504 Views ⚑
Vulnerability: SQLi Severity: High Owasp rank: (OTG-INPVAL-005) The Open Web Application Security Project (OWASP) is a worldwide free and open
Tagged with: based • blind • boolean • injection • manual
Stored XSS with loop – (PoC)
February 12th, 2019 📆 | 6369 Views ⚑
Vulnerability: Cross-site scripting (Via Image upload) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP) is a
Tagged with: stored
File Upload XSS – Openbugbounty – (PoC)
January 21st, 2019 📆 | 5894 Views ⚑
URL: http://www.tribeofnoise.com Vulnerability: Cross-site scripting (Via Image upload) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP)
Tagged with: openbugbounty • upload
How to report CSRF via Openbugbounty
January 7th, 2019 📆 | 8026 Views ⚑
URL: http://fluence.io Vulnerability: Cross site request forgery (CSRF) Severity: High Owasp rank: (OTG-SESS-005) The Open Web Application Security Project (OWASP)
Tagged with: openbugbounty • report
CSRF account takeover by 3tachiUchiha – Bug Bounty – (PoC)
December 14th, 2018 📆 | 4017 Views ⚑
URL: http://sientries.co.uk Vulnerability: Cross site request forgery (CSRF) Severity: High Owasp rank: (OTG-SESS-005) The Open Web Application Security Project (OWASP)
Tagged with: 3tachiuchiha • account • bounty • takeover
Broken Authentication – Openbugbounty – (PoC)
November 28th, 2018 📆 | 3481 Views ⚑
URL: http://tribeofnoise.com Vulnerability: Broken Authentication Severity: High Owasp rank: (OTG-AUTHN-004) The Open Web Application Security Project (OWASP) is a worldwide
Tagged with: authentication • broken • openbugbounty
CSRF account takeover Explained – Manual/Automated – Bug Bounty – (PoC)
October 20th, 2018 📆 | 6224 Views ⚑
URL: http://openmenu.com Vulnerability: Cross site request forgery (CSRF) Severity: High Owasp rank: (OTG-SESS-005) The Open Web Application Security Project (OWASP)
Tagged with: account • automated • bounty • explained • manual • takeover
Stored XSS in Freshbooks – Bug Bounty – (PoC)
September 10th, 2018 📆 | 7150 Views ⚑
URL: https://www.freshbooks.com Vulnerability: Cross-site scripting (stored XSS) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP) is
Tagged with: bounty • freshbooks • stored
Stored XSS 2 in Jotform – Bug Bounty – (PoC)
July 13th, 2018 📆 | 6928 Views ⚑
URL: https://www.jotform.com Vulnerability: Cross-site scripting (stored XSS) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP) is
Tagged with: bounty • jotform • stored
Stored XSS 3 in Jotform – Bug Bounty – (PoC)
July 13th, 2018 📆 | 2360 Views ⚑
URL: https://www.jotform.com Vulnerability: Cross-site scripting (stored XSS) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP) is
Tagged with: bounty • jotform • stored
Stored XSS 4 in Jotform – Bug Bounty – (PoC)
July 13th, 2018 📆 | 7917 Views ⚑
URL: https://www.jotform.com Vulnerability: Cross-site scripting (stored XSS) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP) is
Tagged with: bounty • jotform • stored
Stored XSS 5 in Jotform – Bug Bounty – (PoC)
July 13th, 2018 📆 | 8068 Views ⚑
URL: https://www.jotform.com Vulnerability: Cross-site scripting (stored XSS) Severity: High Owasp rank: (OTG-INPVAL-002) The Open Web Application Security Project (OWASP) is
Tagged with: bounty • jotform • stored
SQL injection – Base64 encode decode – (Mod_security WAF bypass)
June 12th, 2018 📆 | 3359 Views ⚑
Vulnerability: SQL injection (WAF bypass) Severity: High Owasp rank: (OTG-INPVAL-005) The Open Web Application Security Project (OWASP) is a worldwide
Tagged with: base64 • bypass • decode • encode • injection • security
SQL injection – Find vulnerable column behind image
May 15th, 2018 📆 | 2853 Views ⚑
Vulnerability: SQLi Severity: High Owasp rank: (OTG-INPVAL-005) The Open Web Application Security Project (OWASP) is a worldwide free and open
Tagged with: behind • column • image • injection • vulnerable
SQL injection – injecting tourism website running codeigniter
May 1st, 2018 📆 | 6222 Views ⚑
Vulnerable URL: https://www.gujarattourism.com/ Vulnerability: SQLi (No WAF) Severity: High Owasp rank: (OTG-INPVAL-005) The Open Web Application Security Project (OWASP) is
Tagged with: codeigniter • injecting • injection • running • tourism • website
SQL injection – Get Server MAC, HOSTNAME – (WAF bypass)
March 31st, 2018 📆 | 1521 Views ⚑
Vulnerability: SQLi Severity: High Owasp rank: (OTG-INPVAL-005) The Open Web Application Security Project (OWASP) is a worldwide free and open
Tagged with: bypass • hostname • injection • server
SQL injection – Hex Unhex – when illegel mix of collation for operation union – Hexac0de
February 22nd, 2018 📆 | 2567 Views ⚑
Hexac0de lab: https://hexac0de.net (Thanks to https://t.me/kirinhooman, https://www.facebook.com/eSecHax0r) Vulnerability: SQLi Severity: High Owasp rank: (OTG-INPVAL-005) The Open Web Application Security Project
Tagged with: collation • hexac0de • illegel • injection • operation • unhex • union
Open redirect in Informatica – Bug Bounty – (PoC)
November 6th, 2017 📆 | 2296 Views ⚑
Vulnerability: Open redirect Severity: Medium Owasp Rank: (OTG-CLIENT-004) #TDWFB #TheDayWeFightBack 2017-11-06 04:43:04 source
Tagged with: bounty • informatica • redirect
Find XSS vulnerability with burpsuite's xssValidator
October 16th, 2017 📆 | 6806 Views ⚑
xssValidator is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities. Download link : https://github.com/nVisium/xssValidator
Tagged with: burpsuite • vulnerability • xssvalidator
bWAPP – Reflected XSS (JSON)
October 6th, 2017 📆 | 2941 Views ⚑
Vulnerability: Reflected XSS (JSON) Owasp rank: (OTG-INPVAL-001) Severity: High Download bWAPP: http://www.itsecgames.com/ bWAPP, or a buggy web application, is a
Tagged with: bwapp • reflected
12
Popular
Cabot 0.11.12 – Persistent Cross-Site Scripting September 7, 2020 # Exploit Title: Cabot 0.11.12 - Persistent Cross-Site Scripting #…
CyberRisk Alliance Acquires Security Weekly September 8, 2020 NEW YORK, Sept. 08, 2020 (GLOBE NEWSWIRE) -- CyberRisk Alliance…
Dominic Cummings’ plan to build UK Google… September 10, 2020 UK Prime Minister Boris Johnson's top adviser, Dominic Cummings, is…
Zerologon Proof Of Concept September 17, 2020 Proof of concept exploit for the Windows Zerologon vulnerability as…
Windows XP Source Code Leaked By Apparent Bill Gates… September 25, 2020 It’s probably not the biggest security issue that Microsoft is…
European ISPs report mysterious wave of DDoS attacks September 5, 2020 More than a dozen internet service providers (ISPs) across Europe…
UHS hospital network hit by ransomware attack September 28, 2020 Universal Health Services (UHS), a Fortune 500 company and one…
Members
Comments