CVE-2023-XXXX Vulnerability Description: The Bio star 2 web application contains multiple operator levels, each with different privileges. The “Administrator” level has full permissions, while the “User Operator” level does not have all privileges. However, I have discovered a vulnerability that allows an attacker to escalate their privilege from “User Operator” to “System Administrator.” Exploiting this […]

X Product & Service Introduction: BioStar 2 is a web-based, open, and integrated security platform that provides comprehensive functionality for access control, time & attendance management, visitor management, and video log maintenance. It encrypts all personal data available and supports both SDKs and web APIs to integrate BioStar 2 with third-party software. In addition, users […]

Summary: The following write-up explains a vulnerability I found on Instagram. Due to an Instagram “Leads Submissions” flaw, I was able to export users’ data into a CSV file sent to my email. If you run a business Instagram account, you can collect information about your followers with a form/lead. For example, a store may […]

CVE-2023-31923 Product & Service Introduction: BioStar 2 is a web-based, open, and integrated security platform that provides comprehensive functionality for access control, time & attendance management, visitor management, and video log maintenance. It encrypts all personal data available and supports both SDKs and web APIs to integrate BioStar 2 with third-party software. In addition, users […]