ICQ Fixes Referer - Based XSS Vulnerability
I’ve reported an interesting Cross-Site Scripting flaw on the official website of ICQ, the world’s probably best known and most used Cross-Platform Messaging...
Recent posts
ABBS Audio Media Player v3.1 WinALL Exploit
A few weeks ago, one of my followers asked me if I can help him writing a functional exploit for the current version of the Audio Media Player by ABBS becaus...
OSCP Course and Exam Review
As you may have noticed - it went quiet on my blog in the last few weeks. I was heavily working on the challenging Offensive-Security Labs to obtain my Offen...
PayPal Bug Bounty: PayPaltech.com XSS
Great news! Today I received the second payment for another valid Cross-Site Scripting vulnerability covered by PayPal’s bug bounty program. This time the d...
Bezirk-Niederbayern.de Fixes Critical SQL-Injection Flaw After 8 Months - Are We Ready For CyberWar?
That’s amazing bad. Where should I start? In July 2012 I’ve reported a critical SQL - Injection flaw on the official website of Lower Bavaria alongside anoth...