Offensive Security Engineering @noon

Ayoub ELMOKHTAR | Offensive Security Engineering @noon

CVE-2024-34716 – The Deceptive PNG Trap: Breaking Down the PNG-Driven Chain from XSS to Remote Code Execution on PrestaShop (<=8.1.5)

If you’re unfamiliar with PrestaShop (https://github.com/PrestaShop/PrestaShop), think of it as a comprehensive toolbox designed for creating an online store. This platform enables you to construct your storefront, display your merchandise, interact with customers, and process payments. Its cost-free nature and the ability to enhance its functionality with various add-ons make it a popular choice among retailers.

CVE-2024-3116 – Remote Code Execution Vulnerability in pgAdmin - PostgreSQL Tools (<=8.4): Detailed Analysis Report

The following write-up guides you through the discovery of a critical Remote Code Execution (RCE) vulnerability in pgAdmin (<=8.4), a widely used administrative tool for PostgreSQL databases, which makes the flaw a significant concern. The vulnerability is tracked as CVE-2024-3116.

CVE-2020-9915 – Failure to properly process form-action ‘self’ leads to CSP bypass in Safari

Content Security Policy (CSP) is an added security layer that helps detect and mitigate specific attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to the distribution of malware.

I could’ve deleted all SMC messages using a Brute Force Technique – PayPal

While playing around with the SMC platform at paypal.com, I came across an interesting endpoint that doesn’t include a CSRF token within its request when you delete a message. Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request. With a little help from social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker’s choosing. In this case, if the victim is a normal user, a CSRF attack can force them to delete all of their messages without the victim noticing.