Introduction

KBID 1 - Path traversal (LFI)

KBID 3 - Cross Site Scripting

KBID 3 - Cross site scripting (attribute)

KBID 3 - Cross site scripting (href)

KBID 5 - CSRF

KBID 5 - CSRF - Samesite

KBID 6 - XXE

KBID 13 - File upload

KBID 20 - Clickjacking

KBID 29 - Brute force login

KBID 39 - HttpOnly session hijacking XSS

KBID 45 - Exposed docker daemon

KBID 46 - SQLI (Union)

KBID 67 - Open Redirect

KBID 67 - Open Redirect Harder

KBID 67 - Open Redirect Harder-2

KBID 95 - Formula Injection

KBID 111 - Client Side Template Injection

KBID 112 - CORS exploitation

KBID 147 - parameter binding attack

KBID 156 - SQLI (Like)

KBID 156 - SQLI (Blind)

KBID 173 - Local File Inclusion

KBID 173 - Local File Inclusion-2

KBID 173 - Local File Inclusion-3

KBID 173 - Remote File Inclusion

KBID 178 - Content-Security-Policy

KBID 250 - Session Puzzling

KBID 251 - Command Injection 1

KBID 251 - Command Injection 2

KBID 251 - Command Injection 3

KBID 251 - Blind command injection

KBID 262 - Server Side Request Forgery

KBID 266 - Tabnabbing

KBID 267 - SSTI

KBID 268 - Insecure direct object references

KBID 271 - Deserialisation Yaml

KBID 271 - Deserialisation Pickle-1

KBID 271 - Deserialisation Pickle-2

KBID 285 - GraphQL IDOR

KBID 285 - GraphQL Injections

KBID 285 - GraphQL Introspection

KBID 285 - GraphQL Mutations

KBID 7006 - JWT Null

KBID 7006 - JWT Secret

KBID XXX - Race Condition

KBID XXX - DoS Regex

KBID XXX - Information Leakeage in Comments

KBID XXX - Information Leakeage in Metadata

KBID XXX - Auth-bypass-1

KBID XXX - Auth-bypass-2

KBID XXX - Auth-bypass-3

KBID XXX - XSSI (include files from untrusted sources)

KBID XXX - TLS downgrade

KBID XXX - Client side restriction bypass harder

template