Tag: writeup
All the articles with the tag "writeup".
- Server-Side Request Forgery: Accessing Internal Pages via Support Form
  Exploiting a server-side request forgery vulnerability in OopsSec Store's support form to access restricted internal pages.
- Client-Side Price Manipulation
  Exploiting a server-side validation failure in OopsSec Store's checkout process to purchase products at arbitrary prices.
- Mass Assignment: Admin Privilege Escalation via Signup
  Exploiting a mass assignment vulnerability in OopsSec Store's signup endpoint to create an account with administrator privileges.
- React2Shell: Exploiting CVE-2025-55182 in React Server Components
  A technical analysis of CVE-2025-55182, demonstrating how React Server Components deserialization leads to remote code execution.
- SQL Injection: From Dropdown to Database Dump
  How a simple order status filter can be exploited to extract every user's credentials from the database.