Hall of fame

If you find a vulnerability on this server you will be forever immortalized on this page!

  • Parth Narula 2024-01-15
    CSRF vulnerability allows attackers to force users to post comments on the blog.
    Since I use tripcodes (see blog post 3 for more info) for authentication rather than cookies, this CSRF does not allow attackers to impersonate users. However, an attacker could abuse it to post a lot of spam.
    Fix: The Sec-Fetch-Site header is perfect for this. Only allow comments if ($_SERVER['HTTP_SEC_FETCH_SITE'] != "cross-site").
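
    As an added example (not the blog's own code), the one-line check above expanded into a reusable PHP function that also handles the missing-header case and, optionally, Sec-Fetch-Mode; the function name, the $server argument and the mode check are assumptions, and the sample header sets at the bottom are constructed.

```php
<?php
declare(strict_types=1);

// Added example, not the blog's code. $server is normally just $_SERVER.
// Returns true when the comment may be processed, false for a 403.
function commentRequestAllowed(array $server): bool
{
    // Only POST should ever create a comment; a GET comment form would be
    // forgeable with a plain <img src> no matter what headers are checked.
    if (($server['REQUEST_METHOD'] ?? '') !== 'POST') {
        return false;
    }

    $site = $server['HTTP_SEC_FETCH_SITE'] ?? null;

    // Browsers without Fetch Metadata support omit the header entirely.
    // As in the fix above, a missing header is allowed so old clients keep
    // working; protection covers every browser that does send it.
    if ($site === null) {
        return true;
    }

    // 'cross-site' is exactly the forged form post we want to stop.
    // 'same-origin' is the blog's own form, 'same-site' a sibling subdomain,
    // 'none' a user-initiated navigation (typed URL, bookmark).
    // Tighten to ['same-origin'] if no subdomain ever needs to post comments.
    if (!in_array($site, ['same-origin', 'same-site', 'none'], true)) {
        return false;
    }

    // Assumption: comments come from a plain HTML form, so a legitimate
    // submission is a top-level navigation. Drop this check if the blog
    // posts comments with fetch()/XMLHttpRequest instead.
    $mode = $server['HTTP_SEC_FETCH_MODE'] ?? null;
    if ($mode !== null && $mode !== 'navigate') {
        return false;
    }

    return true;
}

// Constructed header sets for a quick self-check (not real traffic).
$ownForm  = ['REQUEST_METHOD' => 'POST', 'HTTP_SEC_FETCH_SITE' => 'same-origin', 'HTTP_SEC_FETCH_MODE' => 'navigate'];
$forged   = ['REQUEST_METHOD' => 'POST', 'HTTP_SEC_FETCH_SITE' => 'cross-site',  'HTTP_SEC_FETCH_MODE' => 'navigate'];
$oldAgent = ['REQUEST_METHOD' => 'POST'];                        // no Fetch Metadata at all

var_dump(commentRequestAllowed($ownForm));   // blog's own comment form
var_dump(commentRequestAllowed($forged));    // form planted on another site
var_dump(commentRequestAllowed($oldAgent));  // browser that sends no header
```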

  • Anonymous (Comment) 2021-06-15
    Found a Stored XSS in the upload honeypot.
    Due to a misconfiguration, CSP was not active on the honeypot. In addition, file names were not escaped correctly.
    Fix: Added CSP to the honeypot and htmlentities on file names.