Collaborate Disseminate
While pentesting a website I came across yarn.lock file that contains an application dependency and I found this vulnerable library y18n v4.0.0 to CVE-2020-7774.
How can I reproduce the vulnerability or how to use the PoC below?
const y18n… Continue reading How to reproduce this CVE-2020-7774 parameter pollution vulnerability
I’m looking to find a partner or agency to work with on building an e-commerce site. Nothing crazy…forty seven products and simple cart is all that’s required. I’m seeing a lot of options out there all with the similar descriptions and e… Continue reading What are some red flags to look for in a web dev agency [closed]
So I’ve got two VPN subscriptions, let’s call them VPN A and VPN B. And I like going to a somewhat popular website, which I’ll call Site C.
I’m a new customer to VPN B, and I’ve noticed that I can’t access Site C while using VPN B. I can a… Continue reading How to know whether a VPN is blocking a website or a website is blocking a VPN
I want to create a website for internal secure chat. I want to be able to give people a user name and log in and then they can log in to a portal at a website; then I can chat to them solely in a chat interface on this website. If they hav… Continue reading How to secure a web-only chat with message persistence and ability to delete a message?
In this post, we will discuss what you need to do if you get the 9anime Server Error 500 or API error. Most anime users are familiar with 9anime. The website is known for its wide range of streaming options; however, recently, its streamers are facing … Continue reading How to fix 9anime Server Error 500
Listening to music is a form of relaxation as well as fun. But if you want to enjoy music in your school, college, or office, you need the best free unblocked music sites. Here’s a quick rundown of some of the best free unblocked music sites you … Continue reading Best free Unblocked Music sites
I am wondering how we can effectively extract all subdomains of given website? For example, the free hosting websites, I would like to extract all subdomains and see if I can find some subdomains related to our company that’s maybe used fo… Continue reading efficient subdomain extraction [duplicate]
I have a website where a user needs to register with his mobile phone number. It is verified by sending a verification code by SMS, each SMS costs me €0,10.
I have already implemented a check that if a user enters the same phone number twi… Continue reading Server-side solution to protect from bots? [duplicate]
Is there a way in WAF(FortiWeb) to prevent our website to be browsable using its web public ip address?
Continue reading WAF: Access the website via its public ip address [closed]
A website is returning valid response if IP of the client is in specific range(whitelist). I know that one can spoof IP within that range to bypass that block, but in that case the spoofer will not receive response as it will be sent to th… Continue reading Spoofing IP to get content from website? [duplicate]