• Home
  • About
  • @sivaneshashok
  • Search
Menu
Topic 5 Posts

Vulnerabilities

Page 1 of 1

Stealing Google Drive OAuth tokens from Dropbox

By Sivanesh Ashok in Bug Bounties on 17 May 2022

Sreeram KL and I were able to chain a harmless CSRF and SSRF in HelloSign to leak Google Drive OAuth tokens of Dropbox users. We reported the issue to Dropbox. It was fixed, a bounty was paid, and you can read below for more details. SSRFOn the 1st of February…

Bypassing file upload filter by source code review in Bolt CMS

By Sivanesh Ashok in Vulnerabilities on 27 Jun 2020

I discovered multiple vulnerabilities in an open-source PHP application, Bolt CMS. Chaining them led to a single-click RCE. If you want to read about all the found vulnerabilities in detail, you can find the full advisory here and the exploit here. This article only focuses on the file upload bypass…

CSRF to RCE bug chain in Prestashop v1.7.6.4 and below

By Sivanesh Ashok in Vulnerabilities on 18 Apr 2020

This article is about a CSRF, XSS bug chain that is then escalated to Remote Code Execution as an unauthenticated attacker, in Prestashop (unpatched as of 18/04/2020). When the admin opens a link, the chain gets executed and the server gets pwned. If you are interested in reading…

WordPress Privilege Escalation from an Editor to Administrator

By Sivanesh Ashok in Vulnerabilities on 21 Sep 2019

This article is about how a WordPress Editor can use unfiltered HTML and some social engineering to gain administrative access to the WordPress site and pwn the server. My first observation was that editors and administrators can add unfiltered HTML and JavaScript using the custom HTML block while creating a…

CVE-2019-11815: The misinformation around this vulnerability and a brief analysis

By Sivanesh Ashok in Vulnerabilities on 24 May 2019

I, and probably you, first read about this vulnerability on the bleepingcomputer article or a Reddit post linking to that article. The article stated that all Linux kernels prior to 5.0.8 are vulnerable to RCE. So, is a huge part of the internet now vulnerable? I started looking…

Page 1 of 1

Topics

Vulnerabilities: 5 Privilege Escalation: 1 Dropbox: 1 CSRF: 1 SSRF: 1 Bug Bounties: 1 CVE-2019-11815: 1 Tools: 1 Hashcatch: 1 WiFi: 1 CVE-2020-2040: 1 WordPress: 1 RCE: 1 Prestashop: 1 CVEs: 1 Source Code Review: 1 CVE-2020-4041: 1
Sivanesh Ashok © 2022
  • Sign up
Published with Ghost • Theme Attila • System theme