March 2015 - Blog - Choudhary Muhammad Osama

HTTP Response Smuggling in Dropcam

Ch. Muhammad Osama, an independent vulnerability researcher has discovered a HTTP Response Smuggling vulnerability in Dropcam website www.dropcam.com. HTTP Response Smuggling :- Data enters a web application through an untrusted source, most frequently an HTTP request. The data is included in an HTTP response header sent to a web user without being validated Read more…

By Choudhary Muhammad Osama, 10 yearsMarch 30, 2015 ago

POC

Content Spoofing Found in Xbox Blog

Ch. Muhammad Osama, an independent vulnerability researcher has discovered a Content Spoofing vulnerability in XBOX Blog news.xbox.com, which can be exploited by an attacker to conduct XSS attacks. Content Spoofing :- Content spoofing, also referred to as content injection or virtual defacement, is an attack targeting a user made possible by an Read more…

By Choudhary Muhammad Osama, 10 yearsMarch 15, 2015 ago