Recently, I found an interesting issue Remote Code Execution for AT&T bug bounty program. But before going into this let’s understand Arbitrary Code Execution – Arbitrary Code Execution also know as command injection is a technique used via a web interface in order to execute OS commands on a web server. The user supplies operating system commands […]
Hi All, It’s been long time haven’t write any security post but i have come up with security issue on HP ALM Product 11. While testing HP ALM Product latest version I have found that the password encryption used by the Web Application was weak. I was able to break the Password encryption logic. What is […]
Recently, I found an interesting issue qualifying on Yahoo! Pipes. But before going into the details of this specific issue, let’s understand some basic points. What does Authorization mean? In general, authorization relates to the set of activities which a user can perform once logged on to a particular system. This is typically divided into […]
Hi all, Recently i have found Insecure Direct Object Issue on Nokia. I have already reported this issue and also got fixed. Thanks to Nokia developer Team. They have listed my name on Nokia Hall Of Fame List on below mentioned URL: http://www.nokia.com/global/security/acknowledgements/ Before we start discussing the issue we will first look into what […]
Hi Guys, the other day i discovered Stored XSS Issue on Rediff mail and also reported this issue to Rediff didn’t get any Credit for it though 🙂 They dropped me mail notifying that issue has been fixed. I demonstrate the Stored XSS issue.
Most Commented Posts
Shashank Gosavi on Windows Mobile Application Security – Part II Superb. Are you planning to release process for WP10? It ...
pietro on Windows Mobile Application Security – Part II sono stato contento di sbirciare dentro al mio nokia 925 ...
Most Liked Posts
[Twitter Widget Error] You need to authenticate your Twitter App first. Go to Highend Options > Social Links. Read the documentation to find out more.