Mese: Maggio 2014

In this post i’m going to show how i was able to hack into Parse accounts via OAuth vulnerability.
You can sign in into Parse by inserting your email and password or signing in with your Facebook account. Leggi tutto “Facebook’s Parse OAuth2 Bug”

Hi all,

In this Write-Up i’ll explain how i was able to find an Unrestricted File Upload in https://reports-as.web.analytics.yahoo.com/

This is the PoC i sent to Yahoo! Security.

These are the steps to reproduce the issue:
1)Login at yahoo.com Leggi tutto “Yahoo! Unrestricted File Upload Vulnerability”