<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel><title>Rahul Maini — disclosure log</title><description>Offensive security writeups — RCE, XXE, injection, and the occasional CTF.</description><link>https://blog.noob.ninja/</link><item><title>Apple Travel Portal RCE</title><link>https://httpvoid.com/Apple-RCE.md</link><guid isPermaLink="true">https://httpvoid.com/Apple-RCE.md</guid><description>RCE · Critical</description><pubDate>Fri, 15 Jan 2021 00:00:00 GMT</pubDate></item><item><title>Demystifying the Server-Side 2020</title><link>https://blog.noob.ninja/posts/demystifying-the-server-side/</link><guid isPermaLink="true">https://blog.noob.ninja/posts/demystifying-the-server-side/</guid><description>Server-Side · Talk</description><pubDate>Wed, 02 Sep 2020 00:00:00 GMT</pubDate></item><item><title>Spilling Local Files via XXE when HTTP OOB fails</title><link>https://blog.noob.ninja/posts/spilling-local-files-via-xxe-when/</link><guid isPermaLink="true">https://blog.noob.ninja/posts/spilling-local-files-via-xxe-when/</guid><description>XXE · High</description><pubDate>Sat, 07 Dec 2019 00:00:00 GMT</pubDate></item><item><title>Exploiting a Tricky Blind SQL Injection inside Limit Clause</title><link>https://blog.noob.ninja/posts/exploiting-a-tricky-blind-sql-injection-inside-limit-clause/</link><guid isPermaLink="true">https://blog.noob.ninja/posts/exploiting-a-tricky-blind-sql-injection-inside-limit-clause/</guid><description>SQLi · High</description><pubDate>Sun, 21 Jul 2019 00:00:00 GMT</pubDate></item><item><title>H1-5411 CTF</title><link>https://hackerone.com/reports/415501</link><guid isPermaLink="true">https://hackerone.com/reports/415501</guid><description>CTF · CTF</description><pubDate>Fri, 28 Sep 2018 00:00:00 GMT</pubDate></item><item><title>Escalating Low Severity Bugs To High Severity</title><link>https://blog.noob.ninja/posts/escalating-low-severity-bugs-to-high-severity/</link><guid isPermaLink="true">https://blog.noob.ninja/posts/escalating-low-severity-bugs-to-high-severity/</guid><description>XSS · Medium</description><pubDate>Fri, 20 Jul 2018 00:00:00 GMT</pubDate></item><item><title>Local File Read via XSS in Dynamically Generated PDF</title><link>https://blog.noob.ninja/posts/local-file-read-via-xss-in-dynamically-generated-pdf/</link><guid isPermaLink="true">https://blog.noob.ninja/posts/local-file-read-via-xss-in-dynamically-generated-pdf/</guid><description>LFR · High</description><pubDate>Wed, 08 Nov 2017 00:00:00 GMT</pubDate></item><item><title>Story of a Parameter Specific XSS</title><link>https://blog.noob.ninja/posts/story-of-a-parameter-specific-xss/</link><guid isPermaLink="true">https://blog.noob.ninja/posts/story-of-a-parameter-specific-xss/</guid><description>XSS · Low</description><pubDate>Tue, 19 Sep 2017 00:00:00 GMT</pubDate></item></channel></rss>