Sitemap

A list of all the posts and pages found on the site. For you robots out there is an XML version available for digesting as well.

Pages

Posts

EN | Race Condition to Users Limit Bypass in Add User Function

In September of last year, I found a Race Condition vulnerability at an Online Services company located in the Netherlands. They had a private Zerocopter program and that’s why I was doing bug hunting based on web applications, on their systems. And I reported the…

EN | Clickjacking to Account Takeover via Drag&Drop

In August of this year, I found a Clickjacking vulnerability in a dutch company. Later I realized that this vulnerability could be upgraded to Account Takeover. Then, I coded a PoC template with CSS and reported the vulnerability. And they fixed…

EN | Alert-box Message Content Manipulation based Base64

In July of this year, I found a Content Spoofing vulnerability in a Bitcoin Exchange company. The system was very simple, an encrypted text in a GET parameter was decrypted and reflected on the homepage in an alertbox. I know it’s…

EN | Stored XSS with Password Recovery Page

In April of this year, I found a Stored Xss vulnerability at University of Utwente. However, I later realized that there was a vendor of the vulnerable system, and I contacted them. Then they fixed this vuln. and rewarded me with a $$$ bounty. Also this was my first bounty…

exploits

IceWarp <11.4.4.1 Cross-Site Scripting - CVE-2020-8512

In IceWarp Webmail Server through versions 11.4.4.1 and below, there is XSS in the /webmail/ color parameter.

IceWarp is mail and collaboration server software aimed at small to mid-range businesses and as an alternative to services such as Microsoft Exchange. The XSS vulnerability in question was resolved in 11.4.4.1 of IceWarp.

Earlier versions of the technology are vulnerable to a flaw that means an attacker can use an XSS loophole the /WebMail/ color parameter to send a malicious script to unsuspecting admins or users.

portfolio

publications

talks