Smuggling an (Un)exploitable XSS
Smuggling an (Un)exploitable XSS This is the story about how I’ve chained a seemingly uninteresting request smuggling vulnerability with an even more uninte...
Recent posts
CVE-2020-16171: Exploiting Acronis Cyber Backup for Fun and Emails
CVE-2020-16171: Exploiting Acronis Cyber Backup for Fun and Emails You have probably read one or more blog posts about SSRFs, many being escalated to RCE. Wh...
Bug Bounty Platforms vs. GDPR: A Case Study
What Do Bug Bounty Platforms Store About Their Hackers? I do care a lot about data protection and privacy things. I’ve also been in the situation, where a bu...
H1-4420: From Quiz to Admin - Chaining Two 0-Days to Compromise An Uber Wordpress
TL;DR While doing recon for H1-4420, I stumbled upon a Wordpress blog that had a plugin enabled called SlickQuiz. Although the latest version 1.3.7.1 was ins...
About a Sucuri RCE…and How Not to Handle Bug Bounty Reports
TL;DR Sucuri is a self-proclaimed “most recommended website security service among web professionals” offering protection, monitoring and malware removal se...