Sitemap > Lütfü Mert Ceylan


A list of all the posts and pages found on the site. For you robots out there, an XML version is available for digesting as well.



EN | Race Condition to Users Limit Bypass in Add User Function

In September of last year, I found a Race Condition vulnerability at an Online Services company located in the Netherlands. They had a private Zerocopter program and that’s why I was doing bug hunting based on web applications, on their systems. And I reported the…

EN | Clickjacking to Account Takeover via Drag&Drop

In August of this year, I found a Clickjacking vulnerability in a Dutch company. Later I realized that this vulnerability could be upgraded to Account Takeover. Then, I coded a PoC template with CSS and reported the vulnerability. And they fixed…

EN | Alert-box Message Content Manipulation based Base64

In July of this year, I found a Content Spoofing vulnerability in a Bitcoin Exchange company. The system was very simple: an encrypted text in a GET parameter was decrypted and reflected on the homepage in an alert box. I know it’s…

EN | Stored XSS with Password Recovery Page

In April of this year, I found a Stored XSS vulnerability at the University of Twente (Utwente). However, I later realized that there was a vendor of the vulnerable system, and I contacted them. Then they fixed this vuln. and rewarded me with a $$$ bounty. Also this was my first bounty…


IceWarp < Cross-Site Scripting - CVE-2020-8512

In IceWarp Webmail Server through versions and below, there is XSS in the /webmail/ color parameter.

IceWarp is mail and collaboration server software aimed at small to mid-range businesses and as an alternative to services such as Microsoft Exchange. The XSS vulnerability in question was resolved in of IceWarp.

Earlier versions of the technology are vulnerable to a flaw that lets an attacker use an XSS loophole in the /WebMail/ color parameter to send a malicious script to unsuspecting admins or users.