Vulnerability (8)

In computer security, a vulnerability is a weakness which can be exploited by a threat actor, such as an attacker, to perform unauthorized actions within a computer system.

Sensitive Data Exposure over *.unesco.org, thanks to OptionsBleed for low-hanging fruit

Date reported — 02-07-2019
Vulnerable Software — Apache
CVE: CVE-2017-9798 / USN-3425-1 “OptionsBleed”
Type — P1: Sensitive Data Exposure + P5: Fingerprinting/Banner Grabbing
Domain Affected — *.unesco.org
Tested — https://en.unesco.org (193.242.192.49)

Options Bleed is a use-after-free error in Apache HTTP that causes a corrupted Allow header…

By Piyush Raj

Address bar spoofing in Firefox Lite for Android ...and the idiocy that followed

Date reported — 2019-08-29

Firefox Lite 1.9.2 for Android and earlier suffer from exhaustive Address Bar Spoofing, allowing attackers to potentially trick a victim into visiting a malicious domain displayed as a legitimate domain name. Firefox Lite is almost installed on more than 10M devices. URL Address Bar spoofing…

By Piyush Raj

How I Hacked My College's Online Exam Portal During COVID-19 Quarantine Period

Back Story: COVID-19. Quarantined. How to take tests? Voila. Online. Okay, but how? Tadaa. We were sent an email regarding a new platform which was indigenously built just for us, the students, for carrying out the quizzes. Soon enough, I was bombarded to do something about that. I…

By Piyush Raj

How I Hacked Samsung's Tizen OS & LG Electronics Private Project Management Instances

Introduction: Months ago I discovered a flaw hackers can use to access Samsung’s and LG Electronics’ internal bug tracking and project management instances running on Jira. The flaw only takes a couple of commands to potentially access intranets, cause XSS and anything that SSRF can cause, including something…

By Piyush Raj

No, It’s Not Everyone’s Favorite “Kali Wifi Hacking Tutorial” — Impersonating Anyone In College

Learning to hack stuff takes learning. Yeah, I know, weird right? There is no “get rich quick” way to become a 1337 hacker. It’s part learning and part mindset. And no, there is no YouTube video for “WiFi hacking”. If you didn’t switch the tab and search the…

By Piyush Raj