Fur Hire

A recurring weekly challenge — each entry covers a different vulnerability. Listed oldest to newest.

BugForge - Weekly - Fur Hire (Jan 31, 2026)

This walkthrough demonstrates a second-order SQL injection vulnerability in a job recruitment application where malicious SQL payloads injected into job titles…

SQL Injection SQL Injection Second Order

Posted on 2026-01-31 09:00 5 min read

BugForge - Weekly - Fur Hire (Feb 28, 2026)

This walkthrough demonstrates two chained vulnerabilities in a job recruitment application. The /api/register endpoint exposes a role parameter that is…

Mass Assignment Privilege Escalation MFA Brute Force Rate Limit Bypass

Posted on 2026-02-28 09:00 7 min read

BugForge - Weekly - Fur Hire (Mar 14, 2026)

This walkthrough demonstrates a chained attack against a job recruitment application protected by a WAF. The application reflects unsanitised input in the…

XSS WAF Bypass CSRF

Posted on 2026-03-14 09:00 7 min read