LFR via SSRF in BookStack
Here we present in detail a vulnerability we discovered in BookStack v23.10.2, along with the steps to follow to replicate the exploit ... Read More
RCE in PaperCut MF/NG via CSRF
Here we present in detail a vulnerability we discovered in PaperCut MF/NG v22.0.10, along with the steps to follow to replicate the exploit ... Read More
UXSS to Account Takeover in Rushbet
In this blog post, we present in detail a vulnerability we discovered in Rushbet v2022.23.1-b490616d, along with the steps to follow to replicate the exploit ... Read More
Account Takeover in KAYAK
In this blog post, I present in detail a zero-day vulnerability I discovered in KAYAK v161.1, along with the steps to follow to replicate the exploit ... Read More
