Security Research

Wednesday, 14 January 2009by Adrian Pastor

XSS on Cisco IOS HTTP Server

The Cisco IOS HTTP server is vulnerable to Cross-Site Scripting (XSS) attacks due to improper handling of invalid parameters by the "/ping" server- ....

Friday, 14 November 2008by Adrian Pastor

Authentication Bypass, Passwords Leakage and SNMP Injection on 3Com AP 8760

The 3Com AP 8760 utilizes an HTTP authentication mechanism that relies solely on the administrator's source IP address for authentication, without ....

Wednesday, 22 October 2008by Adrian Pastor

Research Paper: Achieving Persistent HTML Injection via SNMP on Embedded Devices

Gaining SNMP write access is typically seen as a high-risk security breach, making the concept of SNMP injection seem redundant at first glance, as ....

Thursday, 9 October 2008by Adrian Pastor

Unauthenticated SQL Injection, XSS and Username Enumeration on DPSnet Case Progress

Progress, an internet-based platform, facilitates real-time tracking of case management details by various stakeholders, including clients and lega ....

9 February

Hacking ChatGPT and Bard: Enter Prompt Injection Attacks

1 February

Remote Code Execution on SafeScan Biometric IoT Devices

30 July

XSS on Cisco IOS HTTP Server

Authentication Bypass, Passwords Leakage and SNMP Injection on 3Com AP 8760

Research Paper: Achieving Persistent HTML Injection via SNMP on Embedded Devices

Unauthenticated SQL Injection, XSS and Username Enumeration on DPSnet Case Progress

Categories

Recent Posts

Hacking ChatGPT and Bard: Enter Prompt Injection Attacks

Remote Code Execution on SafeScan Biometric IoT Devices

Pitfalls of Content-Type Filtering for Apache Struts 2 Vulnerability CVE-2017-5638

Authors

Security Research

Read ProCheckUp’s 'GDPR Bytes' article

BSides London conference 2016