From Blind XSS to Full SQL Injection: A Deep Dive

13 min · 25. helmi 2025

Kuvaus

In this episode, we dive into a major security flaw uncovered by ULTRA RED’s research team. They found a blind XSS vulnerability that through log poisoning could be escalated into a full-scale SQL injection attack. Tune in as we break down the discovery, the dangers of unsanitized inputs, and the key lessons security teams must learn to prevent similar threats.

Kommentit

Ole ensimmäinen kommentoija

Rekisteröidy nyt ja liity ULTRA RED Wire: Threats Exposed-yhteisöön!

Aloita maksutta

Kaikki jaksot

2 jaksot

From Blind XSS to Full SQL Injection: A Deep Dive

25. helmi 202513 min

The Perfect Heist – How Hackers Hijacked Accounts with an Image

What if a simple image upload could let attackers take over your account? In this episode, we break down a clever exploit where hackers bypassed security controls, injected malicious JavaScript, and exfiltrated data - all while staying under the radar. From dodging CSP to abusing internal chat functions, this attack is a masterclass in chaining vulnerabilities. Tune in as we unravel how it happened and what defenders can learn from it.

31. tammi 202513 min

From Blind XSS to Full SQL Injection: A Deep Dive

Kuvaus

Kommentit

14 vrk ilmainen kokeilu

Kaikki jaksot