Tag: ctf

All the articles with the tag "ctf".

• Server-Side Request Forgery: Accessing Internal Pages via Support Form

  kOaDT

  17 Jan, 2026

  Exploiting a server-side request forgery vulnerability in OopsSec Store's support form to access restricted internal pages.

• Client-Side Price Manipulation

  kOaDT

  16 Jan, 2026

  Exploiting a server-side validation failure in OopsSec Store's checkout process to purchase products at arbitrary prices.

• Mass Assignment: Admin Privilege Escalation via Signup

  kOaDT

  15 Jan, 2026

  Exploiting a mass assignment vulnerability in OopsSec Store's signup endpoint to create an account with administrator privileges.

• React2Shell: Exploiting CVE-2025-55182 in React Server Components

  kOaDT

  12 Jan, 2026

  A technical analysis of CVE-2025-55182, demonstrating how React Server Components deserialization leads to remote code execution.

• SQL Injection: From Dropdown to Database Dump

  kOaDT

  10 Jan, 2026

  How a simple order status filter can be exploited to extract every user's credentials from the database.