WordPress Transposh: Exploiting a Blind SQL Injection via XSS
Introduction You probably have read about my recent swamp of CVEs affecting a WordPress plugin called Transposh Translation Filter, which resulted in more th...
Recent posts
AWAE Course and OSWE Exam Review
Introduction This is a review of the Advanced Web Attacks and Exploitation (WEB-300) course and its OSWE exam by Offensive-Security. I’ve taken this course b...
Smuggling an (Un)exploitable XSS
Smuggling an (Un)exploitable XSS This is the story about how I’ve chained a seemingly uninteresting request smuggling vulnerability with an even more uninte...
CVE-2020-16171: Exploiting Acronis Cyber Backup for Fun and Emails
CVE-2020-16171: Exploiting Acronis Cyber Backup for Fun and Emails You have probably read one or more blog posts about SSRFs, many being escalated to RCE. Wh...
Bug Bounty Platforms vs. GDPR: A Case Study
What Do Bug Bounty Platforms Store About Their Hackers? I do care a lot about data protection and privacy things. I’ve also been in the situation, where a bu...