March 2015 - Blog - Choudhary Muhammad Osama

POC

HTTP Response Smuggling in Dropcam

Ch. Muhammad Osama, an independent vulnerability researcher has discovered a HTTP Response Smuggling vulnerability in Dropcam website www.dropcam.com. HTTP Response Smuggling :- Data enters a web application through an untrusted source, most frequently an HTTP request. The data is included in an HTTP response header sent to a web user without being validated Read more…

By Choudhary Muhammad Osama, 7 yearsMarch 30, 2015 ago

POC

Content Spoofing Found in Xbox Blog

Ch. Muhammad Osama, an independent vulnerability researcher has discovered a Content Spoofing vulnerability in XBOX Blog news.xbox.com, which can be exploited by an attacker to conduct XSS attacks. Content Spoofing :- Content spoofing, also referred to as content injection or virtual defacement, is an attack targeting a user made possible by an Read more…

By Choudhary Muhammad Osama, 7 yearsMarch 15, 2015 ago