Back to directory
WRITEUP #1399

IP spoofing and SQL injection in Textcube

SQL InjectionIP spoofingHTTP header attackSecurity code review
bySjoerd Langkemper
Program
Textcube
Published
Mar 15, 2023
Added to HackDex
Mar 15, 2023
Read Full Writeuphttps://www.sjoerdlangkemper.nl/2023/03/15/textcube-sql-injection-session-ip-spoofing/
RELATED WRITEUPS
Breaking Down Barriers: Exploiting Pre-Auth SQL Injection In WhatsUp Gold - CVE-2024-6670
SQL InjectionReverse engineering
Exploiting authorization by nonce in WordPress plugins
RCEArbitrary file upload
Directory Traversal, SQL Injection and Server-Side Request Forgery
SQL InjectionPath traversal
Getting code execution on Veeam through CVE-2023-27532
RCEInsecure deserialization
Spip Preauth RCE 2024: Part 2, A Big Upload
RCEFile upload

Built with ❤️ by Shubham Rawat