Race conditions on the web are one of my favorite vulnerability classes. Easy and often fairly impactful...
The device administration web-app fails to properly validate the session cookie, allowing an unauthorized attacker to gain access. The issue depends on the internal ifttt_token not being set (default)...
This one is just a silly issue. On PHP versions under 8, libxml_disable_entity_loader(true) is called to disable external entities...
Composer will query Packagist to obtain metadata about the package to download. This includes where to fetch the code from (both source and pre-built archives)...
Two-stage attack to fully take over a Facebook account.
Four pre-auth NoSQL injections (blind) as well as an authenticated PHP injection.
**Tl;dr** The /api/log endpoint writes to a log file with attacker-controlled data. The attacker can also write to any *.log file.
**Tl;dr** Grammarly will add users to the wrong organization if an attacker creates an org with an entityId that matches the victim’s but with extra whitespace at the end.
Two 2FA bypasses: one based on auth state not being tied to the user's session, the other involving swapping a transaction id to trick the server into thinking the attacker's 2FA acceptance was the victim's.