jQuery XSS
A long time back I reported an XSS in jQuery’s website and a few days back I noticed that it was fixed. jQuery is a multi-browser JavaScript library designed to simplify the client-side scripting of HTML. It was released in January…
Waze is one of the world’s largest community-based traffic and navigation apps, which was acquired by Google on June 11, 2013. And Google opens up responsible disclosure for their acquired websites. So I thought of trying my hands…
Imgur is an online image hosting service founded by Alan Schaaf in 2009 in Athens, Ohio. Imgur describes itself as “the home to the web’s most popular image content, curated in real time by a dedicated community through commenting, voting…
This is just an awareness post for my blog readers. Think of the bad time when you go to your nearest ATM and find out that your bank balance is NIL. Because someone (a bad guy) hacked your account and transferred…
Everyone is aware of the CTF and many of you might have been or still are active warriors of CTF. I spotted one XSS in their blog and they fixed it the very day. It was just a…
Long back I spotted a Directory Traversal bug in Heroku. “Heroku is a cloud application platform – a new way of building and deploying web apps. Heroku was acquired by Salesforce.com in 2010.” They were quite…
Everyone knows about Oracle. Oracle Corporation is an American multinational computer technology corporation headquartered in Redwood City, California, United States. I spotted some security issues in their website and finally they have fixed them. One of them…
Well, this is my first blog post and I am going to share a Local File Inclusion bug which I spotted in Nokia Maps. :///etc/passwd Reported on 2nd JAN 2013. Nokia fixes it on 20th JAN 2013. And I received an…
This was an interesting bug which I found in the Nokia email app for Symbian mobiles in MARCH 2013. The email app was not filtering JavaScript in the body part of the mail, thereby leading to JavaScript execution via…