Outer Web | Explore

Explore >> Select a destination

You are here		buer.haus H1-5411 CTF Write-up by erbbysam and ziot \| Brett Buerhaus
\|	\|	positive.security From XSS to RCE (dompdf 0day) \| Positive Security	10.3 parsecs away Travel
\|	\|	Using a still unpatched vulnerability in the PHP library dompdf (used for rendering PDFs from HTML), we achieved RCE on a web server with merely a reflected XSS vulnerability as entry point.	10.3 parsecs away Travel
\|	\|	www.nodejs-security.com An Introduction to SSRF Bypasses and Denylist Failures	14.4 parsecs away Travel
\|	\|	Getting hands-on with SSRF bypasses and the pitfalls of denylists.	14.4 parsecs away Travel
\|	\|	chefsecure.com I Found XSS Security Flaws in Rails Here's What Chef Secure	10.6 parsecs away Travel
\|	\|	Ever hear of Ruby on Rails? Here's how I hacked it for a $500 bounty! The JavaScript escaping used by Rails developers is missing protections for a common feature that's been around for over 5 years!	10.6 parsecs away Travel
\|	\|	www.silvestar.codes 2018 lookback ? S.Bistrovi?	111.9 parsecs away Travel
\|		It is the beginning of the new year, and it is time to look back to 2018, but from a technology perspective. I have learned a lot, here are my findings.	111.9 parsecs away Travel