Security
- Home /
- Categories /
- Security
The Trendsale Chronicles: Breaching the admin portal
- Cornelius Reetz & Mohamed Macow
- Bug bounty , Security , Trendsales , Sanitation , Unauthorised access
Finding the domain In the previous blog post, we discussed how we found a stored XSS vulnerability in the Trendsales platform.
Read MoreThe Trendsale Chronicles: Initial contact. Deactivating accounts, unearthing XSS and Filetype Flaws
Finding our first flaws in Trendsales and establishing contact with them As curious people, and former sneaker bot developers we like to “poke” at website API’s and how they work, to try and see how the internet is designed and how it develops, it doesn’t really matter which site we’re exploring, we do it everywhere, and Trendsales was no exclusion.
Read More