Analysis of vulnerabilities from Security Audit || Bug Bounty || Security advisories || CTF.

| Name | Field | Vulnerability | Proof of Concept (PoC) |
|---|---|---|---|
| CVE-2021-43849 | Mobile - Android | Denial of Service (DoS) | Link 2 PoC |
| CVE-2022-2071 | Web Application | CSRF + XSS | Link 2 PoC |
| CVE-2022-2072 | Web Application | XSS | Link 2 PoC |
| CVE-2022-3241 | Web Application | SQL Injection (SQLi) | Link 2 PoC |
| CVE-2022-3860 | Web Application | SQL Injection (SQLi) | Link 2 PoC |
| CVE-2023-4724 | Web Application | SQL Injection (SQLi) | Link 2 PoC |
| CVE-2023-5882 | Web Application | Remote Code Execution (RCE) | Link 2 PoC |
| Oracle On-Line Presence Security | Mobile - Android | Open arbitrary URLs | Link 2 HoF |
| CVE-2024-23710 | Mobile - Android | EoP (Elevation of Privilege) | WiP |

| Name | Field | Vulnerability | Writeup | Platform |
|---|---|---|---|---|
| ConfigEditor | Mobile - Android | Java Deserialization | Link 2 Writeup | MHL |
| Europa | Web Application | SQLi, preg_replace() | Link 2 Writeup | HTB |
| Bank | Web Application | File Upload | Link 2 Writeup | HTB |