Sushant Kamble
Breaking Through the Template Barrier: The Dark Art of Server-Side Injection
During my participation in a recent bug bounty program for a Private Company with Responsible Disclosure, I discovered a Server-Side…
4 min read · Feb 26, 2023

Sushant Kamble
How I found Command Injection via Obsolete PHPThumb P1 vulnerability
Hello Readers, after a great response to my previous write-up on Account Takeover Chained to Host Header Injection. I would like to thank…
4 min read · Oct 30, 2021

Sushant Kamble
Account Takeover Chained to Host Header Injection
Hello Readers, Hope you all are doing well this Pandemic. And in this Lock Down of Work From Home you might have upgraded your skills. Lets…
4 min read · May 30, 2021

Sushant Kamble
Apache Struts-2 Remote Code Execution CVE-2018-11776
Hello Guys, Today I am going to tell you about my finding on a web based application and it is a very well known vulnerability found on…
3 min read · Apr 1, 2020