/explore

Click through on any links that interest you or select the planets on the right to continue exploring the Outer Web.
You are here

positive.security
| | evilpacket.net
5.4 parsecs away

Travel
| | a blog about my security research, development, and other things.
| | alesandroortiz.com
3.9 parsecs away

Travel
| | Alesandro Ortiz: Software Engineer. Security Researcher.
| | nv1t.github.io
4.8 parsecs away

Travel
| | I've identified a security concern within the self-hosted file sharing tool ProjectSend in the current version r1605. By exploiting a chain of vulnerabilities - including Cross-Site Scripting (XSS), Insecure Direct Object Reference (IDOR), and weaknesses in its change password implementation - an authenticated attacker can force a logged-in user to unknowingly change their account password, by clicking a link. But let me explain the attack in detail.
| | www.cyberkendra.com
19.3 parsecs away

Travel
| SOCKS5 heap buffer overflow vulnerability in Curl lead to arbitrary remote code execution.