If you’re unfamiliar with PrestaShop (https://github.com/PrestaShop/PrestaShop), think of it as a comprehensive toolbox designed for creating an online store. This platform enables you to construct your storefront, display your merchandise,...
Read more →The following write-up guides you through the discovery of a critical Remote Code Execution (RCE) vulnerability in pgAdmin (<=8.4) a widely used administrative tool for PostgreSQL databases, which presents a...
Read more →Content Security Policy (CSP) is an added security layer that helps detect and mitigate specific attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything...
Read more →While playing around with the SMC platform at paypal.com, I came across an interesting endpoint that doesn’t include a CSRF token within its request when you delete a message. Cross-Site...
Read more →