by Julien Ahrens | Wednesday, May 1, 2013 | Certifications
As you may have noticed, it went quiet on my blog in the last few weeks. I was working heavily on the challenging Offensive-Security Labs to obtain my Offensive-Security Certified Professional (OSCP) certification. AND! Yesterday! I received the mail...
by Julien Ahrens | Saturday, April 13, 2013 | Bug Bounty
Great news! Today I received the second payment for another valid Cross-Site Scripting vulnerability covered by PayPal’s bug bounty program. This time the domain www.paypaltech.com was affected, which provides scripts and samples used for...
by Julien Ahrens | Tuesday, March 26, 2013 | Advisory
That’s amazingly bad. Where should I start? In July 2012 I reported a critical SQL injection flaw on the official website of Lower Bavaria alongside another small XSS flaw to the owner of the website. The answer did not take that long asking for...
by Julien Ahrens | Tuesday, March 19, 2013 | Advisory, Exploit
OK… honestly… I promise (!)… this is the last advisory about the ProShow Producer application, but also the most dangerous one, with a CVSS score of 7,2 and exploitable on at least all English Microsoft Windows-based operating systems! The facts?...
by Julien Ahrens | Saturday, March 16, 2013 | Advisory
Hello readers! Take a moment and read the following article on Wikipedia about the German TÜV which is described as: TÜVs (German pronunciation: [ˈtʏf]; short for German: Technischer Überwachungs-Verein, English: Technical Inspection Association) are German...