Tags » XSS

XSS vulnerability security bug on the searchHist cookie of Samsung Website

8 months ago I found a XSS vulnerability security on Samsung website and later reported to Samsung Security Team. This bug allows hacker to inject malicious scripts via searchHist cookie. 186 more words

Security Bug

Eddie Bauer the Latest Victim of POS Malware Attack

Outdoor clothing company Eddie Bauer has become the latest victim of a large scale Point of Sale malware attack, leading to the compromise of customer card data over the first six months of this year. 377 more words

Cross Site Scripting - part 2


Lets get our hands dirty with XSS  :P


1)Prompted to input data in a text field , insert a script there.

2)Here we have the output. 448 more words

Application Security

Can't Miss Salesforce Security Webinar Series

I know security is probably not your favorite subject. But these days, it seems like everyday there is another major story coming out about how some big company has a major security breach. 231 more words


Cross Site Scripting - Part 1

2 things before we begin

  • Don’t confuse this with CSS (Cascaded StyleSheet). Some genius replaced the C with X thus giving it new identity i.e. XSS.
  • 467 more words
Application Security

Hacking Google for fun and profit

I have been doing bug bounties since September 2013(Asana was the first), participated and qualified in almost all bug bounties at least once. My bucket list had Facebook, Yahoo, Twitter, Dropbox, Github and 100+ such sites (including couple of… 628 more words

Bài 1: Kĩ thuật tấn công SQL injection và XSS (cross-site scripting)

1.    SQL injection

1.1.  SQL injection là gì?

  • SQL injection là kĩ thuật cho phép các kẻ tấn công thực hiện các lệnh thực thi SQL bất hợp pháp (mà người phát triển không lường trước được), bằng cách lợi dụng các lỗ hổng bảo mật từ dữ liệu nhập vào của các ứng dụng.
  • 1,719 more words