https://blog.spiizn.xyz/categories/writeups/Recent content in Writeups on SpiizN's BlogHugoenMon, 06 Apr 2026 00:00:00 +0000https://blog.spiizn.xyz/writeups/fcsc-2026-shrimp-saver/Mon, 06 Apr 2026 00:00:00 +0000https://blog.spiizn.xyz/writeups/fcsc-2026-shrimp-saver/TL;DR: XSS via HTML entity double-parse and CSP bypass via PHP warninghttps://blog.spiizn.xyz/writeups/fcsc-2026-fcsc-aquarium/Sun, 05 Apr 2026 00:00:00 +0000https://blog.spiizn.xyz/writeups/fcsc-2026-fcsc-aquarium/TL;DR: RCE via data: URI injection in import() and node permission bypass via inspector APIhttps://blog.spiizn.xyz/writeups/fcsc-2026-bubulle-corp-part1/Fri, 03 Apr 2026 00:00:00 +0000https://blog.spiizn.xyz/writeups/fcsc-2026-bubulle-corp-part1/TL;DR: SSRF by bypassing the https:// scheme filter through an XML parsing discrepancyhttps://blog.spiizn.xyz/writeups/fcsc-2026-shellfish-say/Fri, 03 Apr 2026 00:00:00 +0000https://blog.spiizn.xyz/writeups/fcsc-2026-shellfish-say/TL;DR: XSS via path traversal chained with arbitrary file write through PHP session upload progress