Etiqueta: Practitioner

File path traversal, traversal sequences blocked with absolute path bypass

Accidental exposure of private GraphQL fields

Exploiting cross-site scripting to steal cookies

Web shell upload via extension blacklist bypass

Web shell upload via path traversal

Exploiting a mass assignment vulnerability writeup

Finding and exploiting an unused API endpoint

Exploiting server-side parameter pollution in a query string Portswigger Lab Solution