PHP 5
- Vtenext 25.02 vulnerability research
- Incorrect Authorization to Authenticated (Contributor+) Multiple Media Actions in Prevent Direct Access Wordpress Plugin (CVE-2025-3861)
- Authenticated Static Code Injections in OpenCart (CVE-2023-47444)
- WAF bypass and vulnerability chain exploiting parser differentials
- Bypassing addslashes() using format string to get SQL Injection