How I Found 3 CVEs in 2 Days

Author: Ally Petitt Introduction Christmas break is notoriously refreshing for high schoolers like myself, however, unlike most high school students, I got to spend mine doing the most fascinating work in the world: security research. I had previously used Savannah, a GNU bug tracker, to submit a bug report, so when I noticed that the underlying technology, Savane, was open source, I knew I had to put it on my list of research projects....

2024-03-21 · 7 min · Ally Petitt

How I Found an Authentication Bypass Vulnerability — CVE-2023–43154

https://images.pexels.com/photos/5483149/pexels-photo-5483149.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1 Introduction Discovering a CVE was always an idea that enticed me, but I had no idea how to achieve it. Encountering the authentication bypass that I will explain in this article was both unexpected and deeply inspiring. In my preparation for the OSWE, I decided to practice identifying the exam vulnerabilities in real, open-source applications, which would both give me practice for the exam and enable me to contribute to the security community....

2023-09-29 · 8 min · Ally Petitt