POC

HTTP Response Smuggling in Dropcam

Ch. Muhammad Osama, an independent vulnerability researcher, has discovered an HTTP Response Smuggling vulnerability in the Dropcam website www.dropcam.com. HTTP Response Smuggling :- Data enters a web application through an untrusted source, most frequently an HTTP request. The data is included in an HTTP response header sent to a web user without being validated…

POC

Content Spoofing Found in Xbox Blog

Ch. Muhammad Osama, an independent vulnerability researcher, has discovered a Content Spoofing vulnerability in the Xbox Blog news.xbox.com, which can be exploited by an attacker to conduct XSS attacks. Content Spoofing :- Content spoofing, also referred to as content injection or virtual defacement, is an attack targeting a user made possible by an…

POC

Cross Site Scripting (XSS) Found in DNSimple

Ch. Muhammad Osama, an independent vulnerability researcher, has discovered a Cross-Site Scripting (XSS) vulnerability in the DNSimple website www.dnsimple.com, which can be exploited by an attacker to conduct XSS attacks. Cross-Site Scripting :- Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted…

By Choudhary Muhammad Osama
POC

DNS Misconfiguration Found in IRCCloud

Ch. Muhammad Osama, an independent vulnerability researcher, has discovered a Cross-Site Scripting (XSS) vulnerability in the IRCCloud website www.irccloud.com, which can be exploited by an attacker to conduct Same-Site Scripting attacks. Reference :- http://www.securityfocus.com/archive/1/486606/30/0/threaded Same-Site Scripting :- It’s a common and sensible practice to install records of the form “localhost. IN A 127.0.0.1” into nameserver configurations,…

POC

Cross Site Scripting (XSS) Found in Bufferapp

Ch. Muhammad Osama, an independent vulnerability researcher, has discovered a Cross-Site Scripting (XSS) vulnerability in the GoAnimate website www.goanimate.com, which can be exploited by an attacker to conduct XSS attacks. Cross-Site Scripting :- Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and…

POC

Weak Ciphers Found in Khan Academy

Ch. Muhammad Osama, an independent vulnerability researcher, has discovered a Weak Ciphers vulnerability in the Khan Academy website www.khanacademy.com, which can be exploited by an attacker to decrypt SSL traffic between the web server and site visitors. Weak Ciphers :- Sensitive data must be protected when it is transmitted through the network. Such data can include…

POC

OPTIONS Method Found in C2FO

Ch. Muhammad Osama, an independent vulnerability researcher, has discovered an OPTIONS Method vulnerability in the C2FO website www.c2fo.com, which can be exploited by an attacker to gain additional information about the target system. OPTIONS Method :- HTTP offers a number of methods that can be used to perform actions on the web server. Many…

POC

Cross Site Scripting (XSS) Found in GoAnimate

Ch. Muhammad Osama, an independent vulnerability researcher, has discovered a Cross-Site Scripting (XSS) vulnerability in the GoAnimate website www.goanimate.com, which can be exploited by an attacker to conduct XSS attacks. Cross-Site Scripting :- Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and…

POC

Cross Site Scripting (XSS) Found in Magix

Ch. Muhammad Osama, an independent vulnerability researcher, has discovered a Cross-Site Scripting (XSS) vulnerability in the Magix website www.catooh.com, which can be exploited by an attacker to conduct XSS attacks. Cross-Site Scripting :- Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and…