Chained to hit: Discovering new vectors to gain remote and root access in SAP Enterprise Software
Making HTTP header injection critical via response queue poisoning
Chaining password reset link poisoning, IDOR, and information leakage to achieve account takeover at api.redacted.com
Fun with Header and Forget Password
ESI Injection Part 2: Abusing specific implementations