CVE-2024-56311 - Exploiting CSRF in REDCap’s Calendar Notes for Forced Logout
*June 2024 – Written exclusively for security practitioners and REDCap users.*
CVE-2024-56311 uncovers a flaw in REDCap up to version 14.9.6 that lets attackers
CVE-2024-8647 - GitLab Harbor Integration Leaks Anti-CSRF Token (Explained With Exploit Tutorial)
Recently, a critical security vulnerability was discovered in GitLab, one of the world’s most popular DevOps platforms. Tracked as CVE-2024-8647, this issue affects self-hosted
CVE-2023-47820 - Exploiting Missing Authorization in CRUDLab WP Like Button (<= 1.7.) – A Simple Guide
WordPress is the most popular CMS, and plugins like WP Like Button by CRUDLab add some fun social features for users, letting people “like” posts
CVE-2023-25714 - How Missing Authorization in Fullworks Quick Paypal Payments Can Let Attackers Control Your PayPal Payments
CVE-2023-25714 is a serious security bug that affects the popular Quick Paypal Payments plugin for WordPress. This vulnerability lets attackers take powerful actions—like modifying
CVE-2024-54001 - Stored XSS Vulnerability in Kanboard Project Management Software (Detailed Write-Up)
Kanboard is a popular project management tool designed around the Kanban methodology. It lets teams visualize tasks and workflows, making project tracking easier and more