by Julien Ahrens | Saturday, June 8, 2013 | Advisory
Earlier this year, I’ve reported 7 XSS flaws on different pages of the Dutch MSN Entertainment site to the Microsoft Security Response Center (MSRC case #14103cl) and immediately received a response – not as fast as HP did previously on my HP IMC flaw...
by Julien Ahrens | Saturday, May 25, 2013 | Advisory
I’ve reported an interesting Cross-Site Scripting flaw on the official website of ICQ, the world’s probably best known and most used Cross-Platform Messaging application to the developers in February. This flaw potentially allowed an attacker to steal...
by Julien Ahrens | Tuesday, March 26, 2013 | Advisory
That’s amazing bad. Where should I start? In July 2012 I’ve reported a critical SQL – Injection flaw on the official website of Lower Bavaria alongside another small XSS flaw to the owner of the website. The answer did not take that long asking for...
by Julien Ahrens | Tuesday, March 19, 2013 | Advisory, Exploit
OK…honestly… I promise (!)… this is the last advisory about the ProShow Producer application, but also the most dangerous one with a CVSS Score of 7,2 and exploitable on at least all english Microsoft Windows based operating systems! The facts ?...
by Julien Ahrens | Saturday, March 16, 2013 | Advisory
Hello readers! Take a moment and read the following article on Wikipedia about the German TÜV which is described as: TÜVs (German pronunciation: [ˈtʏf]; short for German: Technischer Überwachungs-Verein, English: Technical Inspection Association) are German...
by Julien Ahrens | Tuesday, March 5, 2013 | Advisory, Exploit
Have you read my last advisory about the HP Intelligent Management Center v5.1 E0202 topoContent.jsf Non-Persistent Cross-Site Scripting Vulnerability ? You should do! Taken by itself it’s not even an interesting vulnerability. But! You’re able...
