Writeup

Arbitrary File Upload via External Files Feature Allows Client-Side Remote Code Execution

by Samuele Gugliottain bug-bounty,security-testing,ethical-hacking,writeup

PostgreSQL Database Exfiltration through the abuse of PostgREST requests

by Samuele Gugliottain bug-bounty,security-testing,ethical-hacking,writeup

Full Account Takeover of ANY user via Insecure Direct Object Reference (IDOR) on reset password functionality

by Samuele Gugliottain bug-bounty,security-testing,ethical-hacking,writeup