Kailash

Information security Practitioner

MSSQL Injection In JSON Request

MSSQL Injection in android application from JSON Request.

Blind XSS on Google Internal System

Blind cross-site scripting (XSS) refers to a type of code injection where an attacker inserts XSS payload in user input fields and...

GraphQL IDOR in Facebook streamer dashboard.

While viewing our stream dashboard data from creator studio, there is an endpoint from where we can see our dashboard status. There is parameter called profile_id which can be misused to access dat...

Stored Cross Site Scripting on Mdaemon Webmail (20.0.0)

XSS on Mdaemon webmail affecting versions < 20.0.0

CVE-2020-10596

Authenticated Stored Cross Site Scripting (XSS) in OpenCart 3.0.3.2.

Kailash

Recent Posts

MSSQL Injection In JSON Request

Blind XSS on Google Internal System

GraphQL IDOR in Facebook streamer dashboard.

Stored Cross Site Scripting on Mdaemon Webmail (20.0.0)

CVE-2020-10596