Tag: bug bounty

How I hacked ASUS?

Hello folks! Today I want to talk about ASUS RCE vulnerability on rma.asus-europe.eu domain. I was trying to fill out service apply form for my personal laptop. I had a screen issue. I realised that there is an upload part to upload some warranty documents. I was trying to bypass upload restrictions by editing request….


SMARTSHEET XSS VIA FILE UPLOAD

Hi, today I want to explain XSS vulnerability that I found on Smartsheet.com. Smartsheet XSS vulnerability is an interesting vulnerability because it occurs via file upload! By the way I want to clarify that, this XSS works with or without authorization, so it is dangerous vulnerability as well as interesting. What is Smartsheet and more…