Posts

RITSEC CTF 2019 - Write-up

CVE-2019-16662 & CVE-2019-16663 - Unauthenticated remote code execution vulnerabilities in rConfig (All versions)

Multiple unauthenticated remote code execution vulnerabilities in YouPHPTube-Encoder 2.3

CVE-2019-16278 - Unauthenticated Remote Code Execution in Nostromo web server

Multiple SQL injections in LabCollector from 5.4 to 5.423

Bypass disable_functions in PHP by JSON serializer

Unauthenticated MongoDB lead to compromising the database server

Bypass filter with JavaScript RegExp.prototype​.source

Securinets CTF Quals 2019 write-up

Teaser CONFidence CTF 2019

Convert reflected XSS to DOM-based XSS to bypass length limit filter

Pragyan CTF 2019