I found a way to bypass two factor authentication on login.gov which contains critical informations in it. This vulnerability occurs because of the misconfigurated token. The account creating process of login.gov is very interesting. You need to confirm your email first, instead of last. I realised that this might cause some security problems. And it…
Other Posts: Mustafa Kemal CAN ~ muskecan
Senate.gov open redirect vulnerability
How I hacked ASUS?
CyberArk EPM Privilege Escalation Vulnerability – CVE-2018-13052
CyberArk EPM file block bypass – CVE-2018-14894
Fronter XSS – 3 XSS in 1 Blogpost
First Touch Games database information leak
ITSLEARNING VULNERABILITY STORIES – One more stored XSS
ITSLEARNING XSS PART 2
SMARTSHEET XSS VIA FILE UPLOAD
Guestall – SIMPLE BUT IMPORTANT PYTHON SCRIPT
