Quantcast
irccloud

DNS Misconfiguration Found in IRCCloud

Ch. Muhammad Osama, an independent vulnerability researcher has discovered a Cross-Site Scripting (XSS) vulnerability in IRCCloud website www.irccloud.com, which can be exploited by an attacker to conduct Same-Site Scripting attacks. Reference :- http://www.securityfocus.com/archive/1/486606/30/0/threaded Same-Site Scripting :- It’s a common and sensible practice to install records of the form “localhost. IN A 127.0.0.1” into nameserver configurations, Read more…

Weak Ciphers Found in Khan Academy

Ch. Muhammad Osama, an independent vulnerability researcher has discovered a Weak Ciphers Vulnerability in Khan Academy website www.khanacademy.com, which can be exploited by an attacker to decrypt SSL traffic between web server and site visitors. Weak Ciphers :- Sensitive data must be protected when it is transmitted through the network. Such data can include Read more…

c2fo

OPTIONS Method Found in C2FO

Ch. Muhammad Osama, an independent vulnerability researcher has discovered a OPTIONS Method Vulnerability in C2FO website www.c2fo.com, which can be exploited by an attacker to gain additional information about the target system. OPTIONS Method :- HTTP offers a number of methods that can be used to perform actions on the web server. Many Read more…