Pentest/Red Team

Dynamic caching: What could go wrong?

27 July 2022 at 08:47
TL;DR: The Engintron plugin for cPanel presents a default configuration which could expose applications to account takeover and/or sensitive data exposure due to cache poisoning attacks. Whenever a client sends a request to a web server, the received response is processed and served by the back-end service each time. In case of a high […]

Intigriti XSS Challenge – December 2021

27 December 2021 at 14:33
The approach to this challenge was completely different from the past two months, as the vulnerable component was on the backend, forcing us to approach it as a black-box scenario. The page presents a simple submittable GET form providing the open and payload parameters. To reach that from the UI, a user has to […]