CVE-2023-6294: popup-builder <= 4.2.6 Admin+ SSRF & File Read
In this blog post I'll describe the details of CVE-2023-6294, a local file inclusion in WordPress' popup-builder plugin.
Just another security blog
CVE-2023-6295: so-widgets-bundle < 1.51.0 - Admin+ Local File Inclusion
In this blog post I'll describe the details of CVE-2023-6295, a local file inclusion in WordPress' so-widgets-bundle plugin.
Measuring a Tor Hidden Service's idle Traffic
A month ago, I wondered myself how much traffic an idle hidden service would consume just to keep the necessary circuits open. To answer this question, I set up a
BalCCon2k20 CTF: Let Me See And Dawsonite Writeups
Last weekend, I had the time to play the BalCCon2k20 CTF [https://ctftime.org/event/1100] and since there are no writeups for the last two web challenges yet, I
Credentials hiding in plain sight or how I pwned your http auth
In this blog post I will go over the little research project I did about http authentication credentials hiding in plain sight. Idea A few month ago, I was thinking