| How I Found XSS In Another Govt. Site :: NCIIPC VDP !! |
|
|
|
| 20 Security Issues Found in Xiaomi Devices |
|
|
|
| Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In a GOVT Educational Site |
|
|
|
| Taking over accounts in multiple ways |
|
|
|
| Bypassing DOMPurify with good old XML |
|
|
|
| From ChatBot To SpyBot: ChatGPT Post Exploitation |
|
|
|
| The story of exposed service, SSRF, CSP bypass and credentials stealing via XSS |
|
|
|
| DOM Purify - untrusted Node bypass |
|
|
|
| The Art of Intrusion: File Upload Bypass & WAF XSS Evasion in AWS S3 Demystified |
|
|
|
| OpenNMS Vulnerabilities: Securing Code against Attackers’ Unexpected Ways |
|
|
|
| From CRLF Injection to XSS: Elevating the Stakes in Apple iTunes Security |
|
|
|
| Go Go XSS Gadgets: Chaining a DOM Clobbering Exploit in the Wild |
|
|
|
| Joomla: PHP Bug Introduces Multiple XSS Vulnerabilities (CVE-2024-21726) |
|
|
|
| XSS Marks the Spot: Digging Up Vulnerabilities in ChatGPT |
|
|
|
| Null Byte on Steroids |
|
|
|
| Back to the (Clip)board with Microsoft Whiteboard and Excalidraw in Meta (CVE-2023-26140) |
|
|
|
| Who are you? The Importance of Verifying Message Origins |
|
|
|
| Hunting for Prototype Pollution gadgets in jQuery (intigriti 0124 challenge) |
|
|
|
| CVE-2023-5480: Chrome new XSS Vector |
|
|
|
| Rook to XSS: How I hacked chess.com with a rookie exploit |
|
|
|
| CVE-2022-40361 Writeup |
|
|
|
| XSS to OAuth access token leak in office online which can be used to account takeover |
|
|
|
| Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities |
|
|
|
| The power of Client-Side Path Traversal: How I found and escalated 2 bugs through “../” |
|
|
|
| Hacking ISP CPE equipment: FiberHome |
|
|
|
writeups.xyz
/
XSS