Top 10 web hacking techniques of 2022
Cisco Webex Connect - Unauthenticated access to all chats
XS-Leak via CSS injection & tab crash
Stealing HttpOnly cookies with the cookie sandwich technique
Next.js, cache, and chains: the stale elixir
Vote for the Top Ten (new) Web Hacking Techniques of 2024
Exploiting SSTI in a Modern Spring Boot Application (3.3.4)
WorstFit: Unveiling Hidden Transformers in Windows ANSI!
Top 10 web hacking techniques of 2024: nominations open
Bypassing File Upload Restrictions To Exploit Client-Side Path Traversal
Bypassing File Upload Restrictions To Exploit Client-Side Path Traversal (CSPT, CSPT2CSRF)
Call for nominations: Top ten web hacking techniques of 2024
From Arbitrary File Write to RCE in Restricted Rails apps
The Ruby on Rails _json Juggling Attack
Bypassing WAFs with the phantom $Version cookie
Sub needs an overhaul
XS-Leaks through Speculation Rules
Gem::SafeMarshal escape
Requesting r/BugBounty
Can we make this sub useful?
Cross-Site POST Requests Without a Content-Type Header
Turning an XML file write into RCE in Spring
