Stored Angular XSS in Mall.cz

https://www.mall.cz/wishlists/1kvjvao6

https://www.openbugbounty.org/reports/630985/

Problems: XSS (stored)
Reward: None
Fixed: Yes


SQLi at Maxon

Vulnerable URL: https://reg.maxon-campus.net/login/forgotpassword.php

If you enter ' (a single quote) into the input field, it'll show:

query failed1064 : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ””’ at line 1

 

Summary:

Problems: SQLi
Reward: None
Fixed: Yes


Easy way to auto-refresh POP3 accounts in Gmail every 5 minutes

► IFTTT: https://ifttt.com

► IFTTT Applet: https://ifttt.com/applets/77548998d-i…

► Feed URL: http://lorem-rss.herokuapp.com/feed?u…

► Email address format:
mailchecker_DELETETHIS@yourDomainName.com

► Email title: mailchecker_DELETETHIS

► Body: POP3 mailchecker_DELETETHIS from ifttt.com

► Gmail filter: to:(mailchecker_DELETETHIS@yourDomainName.com)


Zhiyun Smooth Q – Video Footage Comparison


Angular XSS vulnerability on McDonalds.com

I reported this vulnerability on https://www.openbugbounty.org/reports/608322/

Previous fixed vulnerabilities on mcdonalds.com:

https://www.openbugbounty.org/reports/481416/


My blog

Coming soon… 🙂
