papers

What this paper is This paper, published in 2010 by Michael Brooks, details multiple security vulnerabilities found in OpenAuto version 1.6.3, a PHP-based web application. The identified issues include Cross-Site Scripti

What this paper is This paper details two distinct vulnerabilities found in Pligg CMS version 1.1.2: a Blind SQL Injection flaw and a Cross-Site Scripting (XSS) flaw. The author, Michael Brooks, published this informatio

What this paper is This document is the second issue of an eZine titled "[eZine] Owned and Exposed," published by a group identifying themselves as "owned & exp0sed." The eZine's stated purpose is to expose and take down

What this paper is This paper describes a Cross-Site Request Forgery (CSRF) vulnerability found in CubeCart version 3.0.4 (and implicitly affecting 3.0.6 as per the title). The vulnerability allows an attacker to trick a

What this paper is This paper details a Denial of Service (DoS) vulnerability in the HttpBlitz web server. The exploit, published by otoy in 2010, demonstrates how sending a large, malformed HTTP request can cause the Ht

What this paper is This paper details a SQL injection vulnerability in SquareCMS version 0.3.1. Specifically, it targets the script, which fails to properly sanitize user input before using it in a database query. This a