Always Stay Ahead!

Two recently discovered vulnerabilities affecting SHAREit Android application <= v 4.0.38. The first one allows attacker to bypass SHAREit device authentication mechanism, and the other one enables authenticated attacker to download arbitrary files from user's device. Both vulnerabilities were reported to the vendor and patches have been released.

Extracting data without knowing columns names from MYSQL < 5 or in case of WAF blacklisting sending information_schema in the request