Cristian Giustini – Hacktive Security Blog

Application Security

CVE-2021-43136 – FormaLMS – The evil default value that leads to Authentication Bypass

October 5, 2021January 1, 2022

Preface As part of our recent research activity, we stumbled upon FormaLMS. The project is an open source Learning Management System built by forma.association and...

Application Security

SA-CONTRIB-2021-036 NotSoSAML – Privilege Escalation via XML Signature Wrapping on MiniorangeSAML Drupal Plugin

Cristian Giustini

July 9, 2021January 18, 2022

This is a brief story about how we found a vulnerability on a drupal plugin that, when not configured correctly, could allow an authenticated user...

Application Security

Matrix Synapse 1.12.3 – SSRF and Cache poisoning

Cristian Giustini

June 14, 2020July 24, 2021

tl;dr The Matrix Synapse servers have been found affected by a security issue about the lack of a validation system for "Server-to-server" API leading to SSRF and...

Internet of Things

Daikin Emura Series – Arbitrary Remote Control via DNS Rebinding

Cristian Giustini

December 14, 2018July 15, 2021

There is a lot of hype around DNS rebinding vulnerability and vulnerable IoT devices, including home cameras, air conditioners or climate control devices; this flaw...

Application Security

Facebook chat / dashboard content injection

Cristian Giustini

January 3, 2018July 15, 2021

I often wondered how link generation functionality is implemented by major social network applications and, more specifically, the preview generation. Some time ago a friend...

CVE-2021-43136 – FormaLMS – The evil default value that leads to Authentication Bypass

SA-CONTRIB-2021-036 NotSoSAML – Privilege Escalation via XML Signature Wrapping on MiniorangeSAML Drupal Plugin

Matrix Synapse 1.12.3 – SSRF and Cache poisoning

Daikin Emura Series – Arbitrary Remote Control via DNS Rebinding

Facebook chat / dashboard content injection

Top Category

Application Security

Mobile

Exploitation

Recent Post

Top Category