CVE-2024-52286 - Self XSS in Stirling PDF
While reviewing the Stirling-PDF (https://github.com/Stirling-Tools/Stirling-PDF/) application, I identified a vulnerability in the “Merge PDF” functionality...
Posts by Tag
Hacking
Command Injection In es-hangul Github Actions Workflow
Command Injection In es-hangul Github Actions Workflow Overview GitHub Actions is a powerful tool for automating software workflows. However, improper conf...
Algolia API Key Misconfiguration in Vite
Algolia API Key Misconfiguration in Vite Repository Overview While browsing through GitHub (as you do), I discovered a potentially critical security vulner...
Fantastic GraphQL Bugs And Where To Find Them
Fantastic GraphQL Bugs and Where to Find Them Intro Back in 2022, I presented a talk at OWASP NZ Day about common GraphQL bugs that my colleagues and I had ...
Appsec
CVE-2024-52286 - Self XSS in Stirling PDF
While reviewing the Stirling-PDF (https://github.com/Stirling-Tools/Stirling-PDF/) application, I identified a vulnerability in the “Merge PDF” functionality...
Command Injection In es-hangul Github Actions Workflow
Command Injection In es-hangul Github Actions Workflow Overview GitHub Actions is a powerful tool for automating software workflows. However, improper conf...
Algolia API Key Misconfiguration in Vite
Algolia API Key Misconfiguration in Vite Repository Overview While browsing through GitHub (as you do), I discovered a potentially critical security vulner...
Vulnerabilities
CVE-2024-52286 - Self XSS in Stirling PDF
While reviewing the Stirling-PDF (https://github.com/Stirling-Tools/Stirling-PDF/) application, I identified a vulnerability in the “Merge PDF” functionality...
Command Injection In es-hangul Github Actions Workflow
Command Injection In es-hangul Github Actions Workflow Overview GitHub Actions is a powerful tool for automating software workflows. However, improper conf...
Algolia API Key Misconfiguration in Vite
Algolia API Key Misconfiguration in Vite Repository Overview While browsing through GitHub (as you do), I discovered a potentially critical security vulner...
Helloworld
Hello World!
Hello World! 👋🌍 New post, who dis?
GraphQL
Fantastic GraphQL Bugs And Where To Find Them
Fantastic GraphQL Bugs and Where to Find Them Intro Back in 2022, I presented a talk at OWASP NZ Day about common GraphQL bugs that my colleagues and I had ...
AppSec
Fantastic GraphQL Bugs And Where To Find Them
Fantastic GraphQL Bugs and Where to Find Them Intro Back in 2022, I presented a talk at OWASP NZ Day about common GraphQL bugs that my colleagues and I had ...
APIs
Algolia API Key Misconfiguration in Vite
Algolia API Key Misconfiguration in Vite Repository Overview While browsing through GitHub (as you do), I discovered a potentially critical security vulner...
tech
Automating Portainer Hosted Teslamate Backups to Google Drive
Teslamate is a self-hosted data logger and visualization tool for Tesla vehicles. It provides detailed insights into driving patterns, charging history, and ...
automation
Automating Portainer Hosted Teslamate Backups to Google Drive
Teslamate is a self-hosted data logger and visualization tool for Tesla vehicles. It provides detailed insights into driving patterns, charging history, and ...