pspaul's blog
  • Home

    2024

  • 2024-10-28
    Ancient Monkey: Pwning a 17-Year-Old Version of SpiderMonkey
  • 2024-06-19
    justCTF 2024 Teaser: Casino (Web 394)
  • 2024-03-21
    Micro Services, Major Headaches: Detecting Vulnerabilities in Erxes' Microservices    on sonarsource.com

    • 2023

  • 2023-11-20
    VSCode: Vulnerabilities in the NPM Integration (3/3)    on sonarsource.com
  • 2023-09-20
    RCE in Tutanota Desktop    on sonarsource.com
  • 2023-09-12
    XSS in Skiff Mail    on sonarsource.com

    • 2022

  • 2022-07-12
    RCE via Prototype Pollution in Blitz.js    on sonarsource.com

    • 2021

  • 2021-11-30
    NodeBB 1.18.4 - Remote Code Execution With One Shot    on sonarsource.com
  • 2021-08-31
    Ghost CMS 4.3.2 - Cross-Origin Admin Takeover    on sonarsource.com
  • 2021-07-13
    Etherpad 1.8.13 - Code Execution Vulnerabilities    on sonarsource.com
  • 2021-03-18
    NoSQL Injection in Rocket.Chat: How A Small Leak Grounds A Rocket    on sonarsource.com
Copyright © 2025 pspaul
  • Home