writeups.xyz
/
Josh Fam (@Pullerze)
Title
Vulnerabilities
Programs
Authors
Bypassing CORS configurations to produce an Account Takeover for Fun and Profit
CORS Misconfiguration
Account Takeover
Undisclosed
Josh Fam (@Pullerze)
Web Cache Poisoning to Account Takeover
Web Cache Poisoning
Account Takeover
Undisclosed
Josh Fam (@Pullerze)
How I was able to Turn a XSS into a Account Takeover
Web Cache Poisoning
Stored XSS
Account Takeover
OAuth
Logic Flaw
Undisclosed
Josh Fam (@Pullerze)
OpenEMR 5.0.1.3 Arbitrary File Actions
Arbitrary File Write
Arbitrary File Read
Security Code Review
OpenEMR
Josh Fam (@Pullerze)
Page 1 of 1
writeups.xyz
/
Josh Fam (@Pullerze)