XAdmin – The N45HT Blog

Skip to content

The N45HT Blog

HOME
LEARNING
TOOLS
NEWS
RESEARCH

About The Author

XAdmin

See author's posts

Breaking Vercel’s Clone URL with a Simple XSS Exploit

XAdmin

•

August 6, 2024

During my exploration of Vercel’s platform, I discovered a reflected XSS vulnerability in the “clone project” functionality. This…
Finding WordPress Vulnerabilities on CarGurus with WPScan

XAdmin

•

August 19, 2023

While exploring CarGurus’ bug bounty program, I discovered a reflected XSS vulnerability on their subdomain dealercentre.cargurus.co.uk. This writeup…
N45HTCTF2023

XAdmin

•

July 21, 2023

N45HTCTF2023 | “Cyber Security and Indonesian History” N45HT held a CTF (Capture the Flag) event to celebrate independence…
Reflected XSS Hidden Input in AT&T

XAdmin

•

January 26, 2022

During my testing of AT&T’s common login page, I discovered a reflected XSS vulnerability in the transactionID parameter.…
N45HT Vulnerability Disclosure Program

XAdmin

•

April 25, 2021

No technology is perfect, and N45HT believes that working with skilled security researchers across the globe is crucial…
XSSR: An automatic XSS scanner

XAdmin

•

March 31, 2021

Is an automatic Cross-site Scripting scanner application with Website, Chrome Extensions, and Windows Desktop platforms. Get in touch:
$300 Bounty for Exploiting DOM-based XSS

XAdmin

•

January 29, 2021

While analyzing XING’s event management platform, I identified a reflected XSS vulnerability in the way event IDs are…

Search

Recent Posts

Drupal CVE-2026-9082 Checker
We recently created a small Python tool to detect CVE-2026-9082,… Read more: Drupal CVE-2026-9082 Checker
We’re Hiring — Node.js Cybersecurity Expert
N45HT is currently looking for a talented and experienced Node.js… Read more: We’re Hiring — Node.js Cybersecurity Expert
Exposed Production Database Found on Sitemile.com
While browsing for WordPress themes, I came across sitemile.com. After… Read more: Exposed Production Database Found on Sitemile.com
YesWeHack Dojo – RubitMQ
Initial Ruby Application Code: The application processes user-supplied data by… Read more: YesWeHack Dojo – RubitMQ
Hacking AI with Markdown: How We Triggered XSS in DeepSeek’s Chat
AI-generated chat messages are becoming a cornerstone of modern digital… Read more: Hacking AI with Markdown: How We Triggered XSS in DeepSeek’s Chat

Social Media

Twitter
Instagram
LinkedIn
Facebook

Advertisement

Tags

API Bug Bounty Capture The Flag Command Injection Cross-site Scripting CTF CVE-2026-9082 Drupal ExifTool HTML Information Disclosure JavaScript Markdown Open Redirection PHP SQL Injection VDP WAF Web Application Firewall XSS XSSR XSSRush

Connect With Us

Bali, Indonesia
[email protected]

Twitter
Instagram
Facebook

Categories

Learning
Tools
News
Research

N45HT

About
Contact
Products
Security

Search

Looking for something specific? Try a search below!

Search

Copyright © 2023 | Made with love by SuperbThemes