Hi everyone in this post I’ll show you how I find out First Touch Games database information. It is actually happens because of a common mistake. Let’s see. FTS is a populer football game which is available on Android and iOS platforms. I dont know why but they are still using very old version of…
SMARTSHEET XSS VIA FILE UPLOAD
Hi, today I want to explain XSS vulnerability that I found on Smartsheet.com. Smartsheet XSS vulnerability is an interesting vulnerability because it occurs via file upload! By the way I want to clarify that, this XSS works with or without authorization, so it is dangerous vulnerability as well as interesting. What is Smartsheet and more…
BYPASS TWO FACTOR AUTHENTICATION VULNERABILITY ON LOGIN.GOV
I found a way to bypass two factor authentication on login.gov which contains critical informations in it. This vulnerability occurs because of the misconfigurated token. The account creating process of login.gov is very interesting. You need to confirm your email first, instead of last. I realised that this might cause some security problems. And it…
Recent Posts
- Protected: REDACTED 20 November 2021
- [REDACTED] App – Insufficiently “Encrypted” Config Leads to Free InAppPurchase 23 March 2020
- Make IDOR great again! 5 December 2019