Open in app

Sign In

Write

Sign In

0xbadb00da
0xbadb00da

53 Followers

Home

About

Jun 23, 2021

Information disclosure and why understanding the logic is crucial

All the actions described in the article were performed with the permission of the site owner as the part of vulnerability tests. In the previous blog post I covered the findings related to temporary file upload, but let’s further and check if we can do something with the final file…

Writeup

3 min read

Information disclosure and why understanding the logic is crucial
Information disclosure and why understanding the logic is crucial
Writeup

3 min read


Jun 17, 2021

Account takeover via stored XSS with arbitrary file upload

All the actions described in the article were performed with the permission of the site owner as the part of vulnerability tests. Requests text was modified with respect to the test subject privacy. Prehistory Some time ago I found a suspicious behavior on the file upload to the site. Spoiler: I…

Bug Bounty

5 min read

Account takeover via stored XSS with arbitrary file upload
Account takeover via stored XSS with arbitrary file upload
Bug Bounty

5 min read

0xbadb00da

0xbadb00da

53 Followers

Infosec newbie

Following
  • Thexssrat

    Thexssrat

  • Ivan Novikov

    Ivan Novikov

  • Sai Krishna Kothapalli

    Sai Krishna Kothapalli

  • Pravinrp

    Pravinrp

  • Кирилл Николаев

    Кирилл Николаев

See all (11)

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech