Hi everyone in this post I’ll show you how I find out First Touch Games database information. It is actually happens because of a common mistake. Let’s see. FTS is a populer football game which is available on Android and iOS platforms. I dont know why but they are still using very old version of…
SMARTSHEET XSS VIA FILE UPLOAD
Hi, today I want to explain XSS vulnerability that I found on Smartsheet.com. Smartsheet XSS vulnerability is an interesting vulnerability because it occurs via file upload! By the way I want to clarify that, this XSS works with or without authorization, so it is dangerous vulnerability as well as interesting. What is Smartsheet and more…
BYPASS TWO FACTOR AUTHENTICATION VULNERABILITY ON LOGIN.GOV
I found a way to bypass two factor authentication on login.gov which contains critical informations in it. This vulnerability occurs because of the misconfigurated token. The account creating process of login.gov is very interesting. You need to confirm your email first, instead of last. I realised that this might cause some security problems. And it…
Other Posts: Mustafa Kemal CAN ~ muskecan
Senate.gov open redirect vulnerability
How I hacked ASUS?
CyberArk EPM Privilege Escalation Vulnerability – CVE-2018-13052
CyberArk EPM file block bypass – CVE-2018-14894
Fronter XSS – 3 XSS in 1 Blogpost
First Touch Games database information leak
ITSLEARNING VULNERABILITY STORIES – One more stored XSS
ITSLEARNING XSS PART 2
SMARTSHEET XSS VIA FILE UPLOAD
Guestall – SIMPLE BUT IMPORTANT PYTHON SCRIPT
