Victor Zhu Security Analyst - Red Team Black cat hacker

[CVE-2019-5418] Ruby on Rails Arbitrary File Content Disclosure Vulnerability Lab

There is a File Content Disclosure vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted Accept headers can cause the contents of arbitrary files on the target system's filesystem to be exposed.

TradingView Charting Library XSS Vulnerability

TradingView Charting Library XSS Vulnerability, high impact

CSAW CTF Quals '18 Ldab - Web 50 Write-Up (LDAP Injection)

CSAW CTF Qualification Round 2018 Web 50 Ldab Write-up - LDAP Injection

Redis Unauthorized Access Vulnerability Lab

If a Redis server is publicly accessible and not protected by a password, a remote attacker can exploit this to gain unauthorized access to the server. Let's learn how to set up a vulnerable Redis server and attack it. We will also explore how to search for and verify vulnerable Redis instances with the powerful search engine Shodan and an automated Python exploit.

Hack This Site Basic Missions Write-up

Hack This Site Basic Missions Write-up (Few Spoilers)

Google Games 2016 @ RPI

Have you ever heard of the Google Games? Get ready to have some fun! This "in a box" version of the Games includes head-to-head team competitions in a series of challenges including trivia, puzzles, word association, and coding.