Pius Walter

Posts

2FA Bypass and Deactivation Attack in MyTaag

2FA Bypass and Deactivation Attack in MyTaag

März 4, 2025 |

This blog post highlights critical vulnerabilities in the MyTaag web application that allows attackers to bypass two-factor authentication (2FA) and deactivate the 2FA mechanism itself. This exploit undermines the security of affected accounts by removing a key layer of protection.

Multiple Critical Vulnerabilities in CADClick

Multiple Critical Vulnerabilities in CADClick

Okt. 4, 2024 |

This blog post uncovers several critical vulnerabilities within the CADClick web application, including SQL Injection, Reflected XSS, and Local File Inclusion (LFI). These security issues pose significant risks not only to the application itself but also to its customers, potentially compromising sensitive data and operational integrity.

Multiple Vulnerabilities in Feripro

Multiple Vulnerabilities in Feripro

Aug. 1, 2024 |

This blog post describes three vulnerabilities in Feripro. These include two Incorrect Access Control vulnerabilities (CVE-2024-41517, CVE-2024-41518) and a Stored Cross-Site Scripting vulnerability (CVE-2024-41519). Feripro is a management software for vacation programs.