Security Research

Wednesday, 12 December 2007by Adrian PastorAmir Azam

XSS on Apache HTTP Server 413 error pages via malformed HTTP method

Apache HTTP Server exhibits a vulnerability in handling malformed HTTP methods, leading to potential Cross-Site Scripting (XSS) attacks via the 413 ....

Wednesday, 5 December 2007by Jan FryRichard BrainAdrian Pastor

Multiple vulnerabilities on Absolute News Manager.NET 5.1 including file retrieval and SQL injection

Absolute News Manager.NET 5.1 is found to be vulnerable to multiple security issues, including unauthenticated file retrieval via directory travers ....

Wednesday, 28 November 2007by Adrian PastorJan Fry

Cross-site Scriptiang (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script

The F5 Networks FirePass 4100 SSL VPN has been identified as vulnerable to Cross-Site Scripting (XSS) attacks through the "my.activation.php3" scri ....

Monday, 26 November 2007by Jan FryAdrian Pastor

BEA Plumtree portal internal hostname disclosure vulnerability

The BEA Plumtree portal exhibits a vulnerability that leads to the disclosure of internal hostnames, as the server's internal hostname is embedded ....

9 February

Hacking ChatGPT and Bard: Enter Prompt Injection Attacks

1 February

Remote Code Execution on SafeScan Biometric IoT Devices

30 July

XSS on Apache HTTP Server 413 error pages via malformed HTTP method

Multiple vulnerabilities on Absolute News Manager.NET 5.1 including file retrieval and SQL injection

Cross-site Scriptiang (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script

BEA Plumtree portal internal hostname disclosure vulnerability

Categories

Recent Posts

Hacking ChatGPT and Bard: Enter Prompt Injection Attacks

Remote Code Execution on SafeScan Biometric IoT Devices

Pitfalls of Content-Type Filtering for Apache Struts 2 Vulnerability CVE-2017-5638

Authors

Security Research

Read ProCheckUp’s 'GDPR Bytes' article

BSides London conference 2016