Loading video...

Video Failed to Load

Go Home

Exploit PoC Telegram Web app XSS / Session Hijacking 1-click The XSS vulnerability is triggered using the event type web_app_open_link via postMessage. (CVE-2024–33905)

NullSecurityX's profile picture

NullSecurityX

11,726 subscribers

91,745 views • 2 months ago •via X (Twitter)

News & PoliticsScience & Technology
LIVE

Anya Rossi• Live Now

Private livecam show

0 Comments

No comments available

Comments from the original post will appear here

Related Videos

🚨PoC for CVE-2024-46538 PfSense Stored XSS lead to RCE
0:33

🚨PoC for CVE-2024-46538 PfSense Stored XSS lead to RCE

Dark Web Informer

64,295 views • 1 year ago

🚨CVE-2025-26529: Moodle XSS to RCE Exploit Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk.
3:48

🚨CVE-2025-26529: Moodle XSS to RCE Exploit Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk.

Dark Web Informer

22,929 views • 5 months ago

It's been just over a year since CVE-2024-54529 was patched. To celebrate, I'm open-sourcing my full PoC exploit for this CoreAudio type confusion vulnerability 🔊 The code is right here! Enjoy:
0:23

It's been just over a year since CVE-2024-54529 was patched. To celebrate, I'm open-sourcing my full PoC exploit for this CoreAudio type confusion vulnerability 🔊 The code is right here! Enjoy:

Dillon Franke

39,370 views • 4 months ago

🚨POC RELEASED🚨PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956). #Clearnet #DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Wordpress #Infosec #CTI #CVE202427956 #Vulnerability
1:06

🚨POC RELEASED🚨PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956). #Clearnet #DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Wordpress #Infosec #CTI #CVE202427956 #Vulnerability

Dark Web Informer

51,367 views • 2 years ago

CVE-2023-23397 Simple and dirty PoC of the CVE-2023-23397 vulnerability impacting the Outlook thick client. #CVE #cybersecurity #infosec
0:42

CVE-2023-23397 Simple and dirty PoC of the CVE-2023-23397 vulnerability impacting the Outlook thick client. #CVE #cybersecurity #infosec

HackGit

76,809 views • 3 years ago

Exploiting a DOM-XSS vulnerability in a BBP with DorkixAI
1:15

Exploiting a DOM-XSS vulnerability in a BBP with DorkixAI

Gospel

15,055 views • 1 month ago

3,000$ Bug Bounty Reward from Microsoft Forms: Reflected XSS Vulnerability Writeup:
0:22

3,000$ Bug Bounty Reward from Microsoft Forms: Reflected XSS Vulnerability Writeup:

Dark Web Informer

23,493 views • 4 months ago

Discovered a new xss payload that bypasses cloudflare web application firewall!! Payload: <button%20popovertarget=x>Click%20me</button><img%20onbeforetoggle=alert(1)%20popover%20id=x>XSS #cybersecurity #ethicalhacking #bugbounty #bugbountytips #penetrationtesting
0:23

Discovered a new xss payload that bypasses cloudflare web application firewall!! Payload: <button%20popovertarget=x>Click%20me</button><img%20onbeforetoggle=alert(1)%20popover%20id=x>XSS #cybersecurity #ethicalhacking #bugbounty #bugbountytips #penetrationtesting

Faiyaz Ahmad

37,668 views • 1 year ago

🚨CVE-2023-20198: Remote Code Execution via File Upload Vulnerability | $15,000 Bounty | PoC Credit:
3:26

🚨CVE-2023-20198: Remote Code Execution via File Upload Vulnerability | $15,000 Bounty | PoC Credit:

Dark Web Informer

22,486 views • 1 year ago

🚨CVE-2024-21413 - Microsoft Outlook Remote Code Execution Vulnerability PoC (no audio) Credit:
2:37

🚨CVE-2024-21413 - Microsoft Outlook Remote Code Execution Vulnerability PoC (no audio) Credit:

Dark Web Informer

69,288 views • 1 year ago

🚨CVE-2024-40725: Apache 2.4.0/2.4.61 HTTP Request Smuggling... Using Custom Nuclei Template CVSS: 5.3 PoC: Via:
2:03

🚨CVE-2024-40725: Apache 2.4.0/2.4.61 HTTP Request Smuggling... Using Custom Nuclei Template CVSS: 5.3 PoC: Via:

Dark Web Informer

21,030 views • 10 months ago

Laravel-livewire RCE (CVE-2025-54068) - Video POC Here is the Exploit Github repo: ~credit synacktiv For more bugbounty content Join my telegram channel:
1:31

Laravel-livewire RCE (CVE-2025-54068) - Video POC Here is the Exploit Github repo: ~credit synacktiv For more bugbounty content Join my telegram channel:

DarkShadow

15,050 views • 4 months ago

Demo of using #BlueDucky to exploit 0-click Bluetooth vulnerability of targeted Android smartphone (CVE-2023-45866) Executed by Raspberry Pi 4 and Android running #NetHunter
0:46

Demo of using #BlueDucky to exploit 0-click Bluetooth vulnerability of targeted Android smartphone (CVE-2023-45866) Executed by Raspberry Pi 4 and Android running #NetHunter

Mobile Hacker

129,637 views • 2 years ago

🚨CVE-2025-29927: Next.js Middleware Bypass Vulnerability PoC: Credit:
2:53

🚨CVE-2025-29927: Next.js Middleware Bypass Vulnerability PoC: Credit:

Dark Web Informer

21,021 views • 8 months ago

‼️ CVE-2026-22812: OpenCode v1.0.216 - Unauthenticated RCE CVSS: 8.8 CVE Published: January 12th, 2026 PoC/Exploit: Advisory/PoC: Original Post:
3:47

‼️ CVE-2026-22812: OpenCode v1.0.216 - Unauthenticated RCE CVSS: 8.8 CVE Published: January 12th, 2026 PoC/Exploit: Advisory/PoC: Original Post:

Dark Web Informer

28,847 views • 4 months ago

‼️ CVE-2025-1974: Kubernetes IngressNightmare Vulnerability CVSS: 9.8 PoC: PoC Published: March 26th, 2026
0:51

‼️ CVE-2025-1974: Kubernetes IngressNightmare Vulnerability CVSS: 9.8 PoC: PoC Published: March 26th, 2026

Dark Web Informer

16,135 views • 4 months ago

Popping alert(1) doesn't show REAL impact. Escalate your XSS by stealing cookies instead👇 Better XSS escalation paths here:
0:36

Popping alert(1) doesn't show REAL impact. Escalate your XSS by stealing cookies instead👇 Better XSS escalation paths here:

bugcrowd

177,265 views • 1 month ago

Exploiting llama.cpp’s RPC Server - From Null Buffer to RCE Against PIE + Full RELRO + NX | CVE-2026-34159: The vulnerability is a one-line logic bug in the RPC server’s tensor deserialization pipeline. Youtube: Blog:
0:37

Exploiting llama.cpp’s RPC Server - From Null Buffer to RCE Against PIE + Full RELRO + NX | CVE-2026-34159: The vulnerability is a one-line logic bug in the RPC server’s tensor deserialization pipeline. Youtube: Blog:

NullSecurityX

19,539 views • 1 month ago

🚨PoC CVE-2025-32433: Critical Erlang/OTP SSH RCE Vulnerability Credit:
0:37

🚨PoC CVE-2025-32433: Critical Erlang/OTP SSH RCE Vulnerability Credit:

Dark Web Informer - Cyber Threat Intelligence

10,660 views • 1 year ago