Salta al contenuto

Mese: Maggio 2014

Facebook’s Parse OAuth2 Bug

Facebook’s Parse OAuth2 Bug

In this post i’m going to show how i was able to hack into Parse accounts via OAuth vulnerability.
You can sign in into Parse by inserting your email and password or signing in with your Facebook account. Leggi tutto “Facebook’s Parse OAuth2 Bug”

Autore Medu554Pubblicato il Maggio 14, 2014Novembre 23, 2018Categorie Uncategorized

Yahoo! Unrestricted File Upload Vulnerability

Yahoo! Unrestricted File Upload Vulnerability

Hi all,

In this Write-Up i’ll explain how i was able to find an Unrestricted File Upload in https://reports-as.web.analytics.yahoo.com/

This is the PoC i sent to Yahoo! Security.

These are the steps to reproduce the issue:
1)Login at yahoo.com Leggi tutto “Yahoo! Unrestricted File Upload Vulnerability”

Autore Medu554Pubblicato il Maggio 8, 2014Novembre 23, 2018Categorie Uncategorized

Articoli recenti

  • [CVE-2019-9185] Bolt CMS <= 3.6.4 Auth RCE
  • PayPal Merchant Launch Site: Authentication Bypass Vulnerability
  • Ebay: From CSRF to Full Takeover Account of any user
  • WhatsApp: LFD Vulnerability
  • AT&T : From CSRF to Full Takeover Account of any user

Commenti recenti

    Archivi

    • Febbraio 2019
    • Ottobre 2014
    • Luglio 2014
    • Giugno 2014
    • Maggio 2014

    Categorie

    • Uncategorized
    • Uncategorized
    Proudly powered by WordPress