| Pulling SYSTEM out of Windows GINA |
|
|
|
| Bypassing Okta SSO=> HTTPS/HTTP |
|
|
|
| Unleashing the Cloud: A Journey into Hacking College Servers and Uncovering Security Vulnerabilities |
|
|
|
| Admin Panel Bypass without the credentials |
|
|
|
| What is kong & why we’re relying on it |
|
|
|
| PwnAssistant - Controlling /home's Via A Home Assistant RCE |
|
|
|
| Redash SAML Authentication Bypass |
|
|
|
| How careless default credentials impact to massive account takeover |
|
|
|
| A Big company Admin Panel takeover $4500 |
|
|
|
| Multiple Critical Vulnerabilities In Strapi Versions <=4.7.1 |
|
|
|
| SecurePwn Part 1: Bypassing SecurePoint UTM’s Authentication (CVE-2023-22620) |
|
|
|
| How I was able to change password of any corporate user |
|
|
|
| CVE-2022-36413 Unauthorized Reset Password of Zoho ManageEngine ADSelfService Plus |
|
|
|
| [Account Takeover] Don’t Send a Message to anyone Before Reading This [External Audit] |
|
|
|
| Authentication Bypass Vulnerability in Mura CMS and Masa CMS (CVE-2022-47003 and CVE-2022-47002) |
|
|
|
| Insecure Toyota CRM exposed Mexican customer information |
|
|
|
| Remote Stealth Brute-force of Oracle Database Passwords |
|
|
|
| GitHub Security Lab audited DataHub: Here’s what they found |
|
|
|
| Traveling with OAuth - Account Takeover on Booking.com |
|
|
|
| How I Earned $1800 for finding a (Business Logic) Account Takeover Vulnerability? |
|
|
|
| Bypassing SSO Authentication from the Login Without Password Feature Lead to Account Takeover |
|
|
|
| Technical Advisory – Azure B2C – Crypto Misuse and Account Compromise |
|
|
|
| Hacking our way into internal DBs with hardcoded authentication keys |
|
|
|
| Hacking into Toyota’s global supplier management network |
|
|
|
| Authentication Bypass in Izanami Docker image 1.10.22 CVE-2023-22495 |
|
|
|
writeups.xyz
/
Authentication Bypass