Vulnerabilities tagged "testing"

A request that isn't vulnerable until you make it twice.Definitely an interesting edge case that a lot of testing might overlook...

A long, fairly beginner friendly post about attacking a Bluetooth lock, there is a lot of process information here as it was an intern's research project. What the vulnerability comes down to though is a lack of any real authoization checking instead only validating the integrity (poorly!) of the request and trusting the app did all the heavy lifting.

BBCode XSS chained with an admin panel SQL injection for potential for code execution.

Cool, yet simple finding from the DataDog security team where calls to an undocument `iamadmin` service would also not appear in CloudTrail logs but could reproduce the functionality of several standard IAM service methods.

An email normalization issue allowing for remote control of a vehicle.

Multiple memory corruptions in Microsoft Edge browser, there are several issues here but they all generally can be summed up as "self-corruptions".Its things like a use-after-free by opening a dialog, closing the backing page that spawned the dialog, and then closing the dialog triggering a callback that no longer exists...

Great series of posts covering the authors research progress and eventual owning of a wireless scoreboard system.Unlike a lot of the attacks we cover, this had more of a hardware and even radio signal focus...

Two argument injections that were found in Bitbucket server, though only one of them was exploitable.The first was in the `/rest/api/latest/projects/~USER/repos/repo1/browse` endpoint, where an `at` parameter could be provided...