| MongoDB NoSQL Injection with Aggregation Pipelines |
|
|
|
| Cookieless DuoDrop: IIS Auth Bypass & App Pool Privesc in ASP.NET Framework (CVE-2023-36899 & CVE-2023-36560) |
|
|
|
| Anchor Tag XSS Exploitation in Firefox with Target=”_blank” |
|
|
|
| Thirteen Years On: Advancing the Understanding of IIS Short File Name (SFN) Disclosure! |
|
|
|
| Yet Other Examples of Abusing CSRF in Logout |
|
|
|
| Story of my two (but actually three) RCEs in SharePoint in 2018 |
|
|
|
writeups.xyz
/
Soroush Dalili (@Irsdl)