Sven Morgenroth

A rare case of a bug found through a private bug bounty program being publicly acknowledged. Great to see :) https://t.co/WU9N2nukk4

Doesn't work in chrome or FF

How to alert in edge / IE without alert, prompt or confirm using onbeforeunload https://t.co/BqpGQL6h5o

No PHP, no spaces, no $, no { }, bash only IFS=,;`cat<<<uname,-a`

All domains using CloudFlare have a CSP bypass gadget. Don't use 'unsafe-eval' for CloudFlare domains. PoC: https://t.co/9HRSQwOlbO

Btw, the PHP closing tag can be omitted if you replace it with a semicolon `cat<<<'<?="uname\x20-a";'|php`

Command injection without space, $, {, } Python3 or PHP on server? uname`cat<<<'<?="\x20"?>'|php`-a uname`cat<<<'print("\x20")'|python3`-a