Skip to main content

Posts

Embedding Payloads in GIF File Using the Global Color Table

2025-05-02

/posts/gif_payload_gct/ map[name:Sorcery Ltd]

CFOR Exploit - Recovering Deleted and Private Github Commits

2024-08-03

/posts/cfor_exploit/ map[name:Sorcery Ltd]

MyBB Admin Panel RCE CVE-2023-41362

2023-09-11

/posts/mybb_acp_rce/ map[name:Sorcery Ltd]

PHPInfo Exposure in MyPrestaModules Modules CVE-2023-39677

2023-09-08

/posts/myprestamodules_phpinfo/ map[name:Sorcery Ltd]

SQLi in SimpleImportProduct Prestashop Module CVE-2023-39675

2023-09-08

/posts/simpleimportproduct_sqli/ map[name:Sorcery Ltd]

XSS in FieldPopupNewsletter Prestashop Module CVE-2023-39676

2023-09-07

/posts/fieldpopupnewsletter_xss/ map[name:Sorcery Ltd]

SQLi in XIPBlog Prestashop Module CVE-2023-27847

2023-08-03

/posts/xipblog_sqli/ map[name:Sorcery Ltd]

HigherLogic Community RCE Vulnerability

2022-02-03

/posts/higherlogic_rce/ map[name:Sorcery Ltd]

Auth Bypass in ADOdb CVE-2021-3850

2022-01-26

/posts/adodb_auth_bypass/ map[name:Sorcery Ltd]

Proof of Concept for CVE-2021-38314 (Redux Framework)

2021-10-04

/posts/redux_wordpress/ map[name:Sorcery Ltd]

SQLi in SmartBlog CVE-2021-37538

2021-08-21

/posts/smartblog_sqli/ map[name:Sorcery Ltd]

SQLi in ph_simpleblog CVE-2021-36748

2021-08-18

/posts/ph_simpleblog_sqli/ map[name:Sorcery Ltd]

Adminer - A Guide For All its Vulnerabilities

2021-03-11

/posts/adminer/ map[name:Sorcery Ltd]

#adminer

The Time I tried to get a Bounty from Binance

2020-12-10

/posts/binance-phishing-bounty/ map[name:Sorcery Ltd]

Exposed .git Folder and How To Remediate it

2020-11-23

/posts/git-directory-exposure/ map[name:Sorcery Ltd]