❌
There are new articles available, click to refresh the page.
Yesterday β€” 29 November 2022Vulnerabily Research

A Ride on the Wild Side with Hacking Heavyweight Sick Codes

29 November 2022 at 18:16
Beverage of Choice: Krating Daeng (Thai Red Bull) Industry Influencer he Admires: Casey John Ellis What did you want to be when you grew up? A physician and nearly did Hobbies (Present & Past): Motorcycling & Australian Football Bucket List: Continuing to discover new software Fun Fact: He currently has 2,000 tabs open β€œPeople keep …

A Ride on the Wild Side with Hacking Heavyweight Sick Codes Read More Β»

Before yesterdayVulnerabily Research

Microsoft SharePoint Server Post-Authentication Server-Side Request Forgery vulnerability

25 October 2022 at 00:00
Overview Disclaimer: No anime characters or animals were harmed during the research. The bug had been fixed but it did not meet that criterion required to get CVE. Recently, we have found a Server-Side Request Forgery (SSRF) in Microsoft SharePoint Server 2019 which allows remote authenticated users to send HTTP(S) requests to arbitrary URL and read the responses. The endpoint <site>/_api/web/ExecuteRemoteLOB is vulnerable to Server-Side Request Forgery (SSRF). The HTTP(S) request is highly customizable in request method, path, headers and bodies.
❌
❌