CVE-2026-11571: Unauthenticated Sensitive Information Exposure in Everest Forms
Technical analysis of CVE-2026-11571, an unauthenticated sensitive information exposure vulnerability in Everest Forms caused by residual public CSV artifacts.
Duy Tran
CVE-2026-11855: Unauthenticated Stored XSS in Simple Membership
Technical analysis of CVE-2026-11855, an unauthenticated stored cross-site scripting vulnerability in the Simple Membership WordPress plugin.
Write-up: Cyber Kill Chain (TryHackMe) — biusa_mrdarkroot
Xin chào Jekyll 👋 Bài viết này tổng hợp toàn bộ nội dung từ phòng TryHackMe: Cyber Kill Chain, bao gồm giải thích chi tiết 7 giai đoạn của mô hình Lockheed Martin Cyber Kill Chain, cùng các ví dụ ...
Lxd Priv Esc Writeup
“Write-up: LXD Privilege Escalation — Theory, Risks & Defenses (Safe)” date: 2025-10-20 14:00:00 +0700 categories: [Security, Writeup] tags: [lxd, privilege-escalation, hardening, linux, def...
Write-up:Hacking with powershell (TryHackMe)
Hello Jekyll This write-up summarizes the PowerShell room exercises and solutions. Author: biusa_mrdarkroot We explore PowerShell basics, Windows enumeration using PowerShell, and scripting chall...
Write-up: Whats Your Name? (TryHackMe)
Hello Jekyll This is my write-up — biusa_mrdarkroot — for the “Whats Your Name?” challenge on TryHackMe. The write-up documents client-side exploitation (stored XSS), session hijacking, and sensit...
Security Principles: CIA, DAD, Security Models, and Zero Trust
A practical summary of core security principles, including the CIA and DAD triads, Bell-LaPadula, Biba, Clark-Wilson, defence in depth, and Zero Trust.
Write-up: Net Sec Challenge — Network Security (TryHackMe)
Hello Jekyll This write-up documents my solution for the Net Sec Challenge — Network Security room on TryHackMe. Author: biusa_mrdarkroot The goal of this challenge is to practice skills from the...