
Server Side Request Forgery in OsTicket

Hello guys, I hope everyone is doing great! A little introduction about me: my name is Talat Mehmood, and I have been an active bounty hunter, freelancer and penetration tester since 2017.

While working on a penetration testing project (let’s say abc company), I came across their support portal. They were using OsTicket 1.12.x. On digging further, I discovered that the “Print” module is vulnerable to Server Side Request Forgery (SSRF). I’ll try to keep this write-up as simple as possible.



Hello guys, I’m writing this article to share with the community a vulnerability I found in PSEB’s IT Certification Program back on January 27th, 2020. I reported it to them but didn’t receive any serious response. Since the program has now expired, I’m publicly sharing the vulnerability.

If you have read my other articles, you’d know Parameter Tampering is one of my favorite attacks. It is very easy to exploit and does not require any special tool setup. The simplest definition of this vulnerability is:

Parameter Tampering is a type of vulnerability found in mostly eCommerce websites…



Hello guys, I hope everyone is doing great!
A little introduction about me: my name is Talat Mehmood, and I have been an active bounty hunter, freelancer and penetration tester since 2017.

A lot of people asked me to write up my first ever bug bounty. Today, I finally got the time to write about it. This vulnerability is actually pretty interesting, so here it goes.

Alright, so I was testing the “Sign up” module of the web application (let’s just call it vulnme.com). …



INTRODUCTION

Hello guys, I hope you all are doing well during this pandemic. A little introduction about me: my name is Talat Mehmood, and I have been an active bounty hunter, freelancer and penetration tester since 2017.

This is one of my favorite vulnerabilities that I’ve identified throughout my career in Information Security as a penetration tester, so I thought I should write an article about it to help the community.

“Price manipulation is a type of Parameter Tampering vulnerability where an attacker can change the price of a placed order. This vulnerability is common in eCommerce websites.”

What made this vulnerability so special…

Talatmehmood

Ethical Hacker | Bug Bounty Hunter | Freelancer
