Skip to content

Sam Curry

Web Application Security Researcher
  • Home
  • Blog
  • Contact

Month: June 2017

Permanent account takeover on Yahoo’s Small Business platform

June 25, 2017 samwcyo

If you decided to go out and spontaneously develop a content management system one of the most crucial and necessary…

Continue Reading →

How I could’ve taken over the production server of a Yahoo acquisition through command injection

June 4, 2017 samwcyo 2d Comments

On the night of May 20th I had begun to develop a small headache and neck pains after spending days…

Continue Reading →

Recent Posts

  • Leaked Secrets and Unlimited Miles: Hacking the Largest Airline and Hotel Rewards Platform
  • Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More
  • Exploiting Web3’s Hidden Attack Surface: Universal XSS on Netlify’s Next.js Library

Archives

  • August 2023
  • January 2023
  • September 2022
  • December 2020
  • October 2020
  • June 2020
  • May 2020
  • April 2020
  • November 2019
  • September 2019
  • July 2019
  • December 2018
  • July 2018
  • May 2018
  • November 2017
  • August 2017
  • June 2017
  • May 2017