SSRF Blocklist Bypass – Internal File Disclosure via Localhost Filtering Evasion | CutCorner

Lab Link Lab: CutCorner Overview The CutCorner challenge demonstrates a Server-Side Request Forgery (SSRF) vulnerability combined with an insufficient blacklist implementation. The application ...

May 22, 2026 A01 - Broken Access Control, SSRF

Coltsfoot Community Center WebVerse challenge

Missing Access Control – Unrestricted Staff Portal Exposure | Coltsfoot Community Center

Lab Link Lab: Coltsfoot Community Center Overview The Coltsfoot Community Center challenge demonstrates a Broken Access Control issue where sensitive functionality relied on obscurity instead of...

May 21, 2026 A01 - Broken Access Control, Missing Authorization

SQL Injection – Secret Extraction from Internal Logs Console | Vibed

Lab Link Lab: Viber Overview The Vibed challenge demonstrates a classic SQL Injection vulnerability within an internal administrative log filtering functionality. The application contained an a...

May 21, 2026 A05 - Injection, SQL Injection

Sensitive Information Disclosure – Secrets Exposed in Base64 Session Cookie | Cookie Cutter

Lab Link Lab: Cookie Cutter Overview The Cookie Cutter challenge demonstrates an information disclosure vulnerability caused by storing sensitive application data directly inside client-side coo...

May 20, 2026 A04 - Cryptographic Failures, Sensitive Information Disclosure

Client-Side Price Manipulation – Discount Abuse via Cookie Tampering | Snooker

Lab Link Lab: snooker Overview The Snooker challenge demonstrates a business logic vulnerability where security-sensitive pricing information was trusted from client-controlled data. The applic...

May 19, 2026 A06 - Insecure Design, Business Logic Abuse

Weak Password Reset – Brute Force of 4-Digit Reset Token Leading to Account Takeover | Heartwood Outfitters

Lab Link Lab: Heartwood Outfitters Overview Password reset functionality is commonly implemented to improve usability, but weak reset mechanisms frequently become direct paths to account comprom...

May 19, 2026 A07 - Authentication Failures, Weak Authentication

Information Disclosure – Sensitive Debug Header Leakage via Response Metadata | Header Hunt

Lab Link Lab: Header Hunt Overview Applications often expose more information than intended through HTTP response headers. During development, engineers may add custom headers for troubleshootin...

May 19, 2026 A01 - Broken Access Control, Information Disclosure

Workflow Access Control Bypass – Admin Privilege Escalation | Lazy Human Resources

Lab Link Lab: Lazy Human Resources Overview The Lazy Human Resources challenge demonstrates a classic workflow authorization flaw where the application relies on client-side restrictions rather ...

May 18, 2026 A01 - Broken Access Control, Authorization Bypass

Stored XSS – Internal Endpoint Enumeration Through Comment Injection | Crate & Sleeve

Lab Link Lab: Crate & Sleeve Overview The Crate & Sleeve challenge appears to demonstrate a Stored Cross-Site Scripting (Stored XSS) vulnerability within community comment functionality....

May 18, 2026 A05 - Injection, Stored Cross-Site Scripting

Halftrack Model Railroad Club WebVerse challenge

Weak Credentials – Authentication Compromise via Password Brute Force | Halftrack Model Railroad Club

Lab Link Lab: Halftrack Model Railroad Club Overview The Halftrack Model Railroad Club challenge demonstrates an authentication weakness caused by predictable usernames, weak passwords, and miss...

May 18, 2026 A07 - Authentication Failures, Password Brute Force