Seclog - #32

Obtaining Domain Admin from Azure AD by abusing Cloud Kerberos Trust

inDrive | Report #1861487 - inDriver Job - Admin Approval Bypass

HackerOne | Report #2032778 - Internal machine learning API endpoint for CWE classification is vulnerable to path traversal

Linux local electron application script-src: self bypass

How I Hacked CASIO F-91W digital watch

Patch Diffing CVE-2023-28121 to Compromise a WooCommerce

Full Disclosure - DOM-based XSS And Failures In Bug Bounty Hunting

RCE in GitLab's CLI tool

A Journey Into Hacking Google Search Appliance

Prompt Injection: How to Prevent It or Should We Prevent It?

SirBugs/CVE-2023-24488-PoC

RandomRobbieBF/CVE-2023-2982

zzzteph/probable_subdomains

hakluke/hakstore

lauritzh/auth-request-analyser

orf/gping: Ping, but with a graph

sensepost/steampipe-plugin-projectdiscovery

gerobug/gerobug

Hacking a Satellite News-Link CNN System.

Segfault | The Hacker’s Choice

Suggestions & Feedback

Enjoyed this post? Subscribe to Seclog for more in-depth security analysis and updates.

For any suggestions or feedback, please contact us at: securify@rosecurify.com

Enjoyed this post? Subscribe for more in-depth security analysis and updates direct to your inbox.

No spam. Only high-security insights. Unsubscribe at any time.

Share this Seclog: