Vulnerabilities tagged "interesting bug"

[Glovo] Integer overflow vulnerability

Funny bug in Glovo, which is a delivery platform for taking orders and dispatching deliveries.The bug is an integer overflow in the quantity parameter of the POST request for the order, which can affect the total price of the order...
 

Unsigned to Signed Conversion Leading to filter_var Bypass

Cool trick impacting php's `filter_var` which is actually a bit of a binary-level issue, if you provide a long enough string as the argument to `filter_var`eventually some code for (`FILTER_VALIDATE_DOMAIN` and `FILTER_FLAG_HOSTNAME`) will mistakenly believe the size is much smaller than it actually is (negative).
 
1
2
3
4