| Introducing Wrapwrap: Using PHP Filters To Wrap A File With A Prefix And Suffix |
|
|
|
| Multiple Vulnerabilities In Extreme Networks ExtremeXOS |
|
|
|
| Ray, Versions 2.6.3, 2.8.0 |
|
|
|
| Zeal Wallet Browser Extension and Backend Security Audit Report (Q3 2023) |
|
|
|
| CVE-2023-33733 RCE via HTMLi in reportlab |
|
|
|
| mTLS: When certificate authentication is done wrong |
|
|
|
| Chained to hit: Discovering new vectors to gain remote and root access in SAP Enterprise Software |
|
|
|
| Escalating Privileges With SSRF |
|
|
|
| Chaining for Critical: Unauthorized to Cloud Administrator |
|
|
|
| Exploiting Non-Cloud SSRF for More Fun & Profit |
|
|
|
| Multiple vulnerabilities on Chamilo 1.11.18 |
|
|
|
| Libcurl CRLF |
|
|
|
| Exploiting HTTP Parsers Inconsistencies |
|
|
|
| Multiple vulnerabilities in Delmia Apriso 2017 to 2022 |
|
|
|
| Triple Threat: Breaking Teltonika Routers Three Ways |
|
|
|
| When Good APIs Go Bad: Uncovering 3 Azure API Management Vulnerabilities |
|
|
|
| My First Case of SSRF Using Dirsearch |
|
|
|
| Holiday Hunting With Aquatone |
|
|
|
| Found SSRF and LFI in Just 10 minutes of using burp! |
|
|
|
| How I got access to Essilor International company customer PII INFO by AWS metadata access through SSRF |
|
|
|
| SSRF Cross Protocol Redirect Bypass |
|
|
|
| Finding Hundreds of SSRF Vulnerabilities on AWS |
|
|
|
| The story of how I was able to chain SSRF with Command Injection Vulnerability |
|
|
|
| Attacking .NET Web Services |
|
|
|
| GitHub Security Lab audited DataHub: Here’s what they found |
|
|
|
writeups.xyz
/
SSRF