Modern POS 1.3 - SQL Injection

Exploit Title: Modern POS 1.3 - SQL Injection Dork: N/A Date: 2019-01-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://itsolution24.com/ Software Link: https://codecanyon.net/item/modern-pos-point-of-sale-with-stock-management-system/22702683 Version: 1.3 Category: Webapps Tested on:...

Shopify: SSRF via 'Insert Image' feature of Products/Collections/Frontpage

Hi Security team, I would like to report an another SSRF issue like my previous bug 67377 https://hackerone.com/reports/67377. The description, threats, risks, exploatations are the same. The base request is the following POST /admin/settings/files.json HTTP/1.1 Host: test-4925.myshopify.com...