Freelancer
HardAn IDOR in a base64-encoded OTP URL allows hijacking an admin account on a freelancer platform, exposing an MSSQL terminal; privilege escalation …
Ghost
InsaneLDAP injection on a Next.js intranet leaks a service-account secret that unlocks Gitea; a custom Ghost CMS file-read exposes an RCE dev key; from …
Overcertified
EasyAn LDAP service account password stored in its own description field enables BloodHound collection and Kerberoasting of the MSSQLSERVER account; MSSQL …