Column Truncation SQL Injection Vulnerability

Some time back I was in the NotSoSecure CTF (www.notsosecure.com/blog/2014/04/21/sqlilab-ctf-wrap-up/) competition. The challenge was to use SQL injection (any kind) to obtain 2 flags; to capture one flag, users were required to register as an admin. The application was vulnerable to a column truncation vulnerability. Column truncation is a very interesting vulnerability; it's actually a buffer overflow vulnerability, O […]


Persistent Cross Site Scripting in Name.com

Name.com is a well-known domain registrar and hosting company. Some time back they introduced a new product, Website Builder. As the name says, it allows users to build websites quickly and easily. I saw their Facebook post about Website Builder. I instantly thought, hmm, new product, must be buggy. As the product is paid but has […]


Microsoft Hall Of Fame For Reporting Vulnerabilities in Nokia

Back in August 2013, I did penetration testing of Nokia websites. In my 1 week of penetration testing I found various vulnerabilities (details are below). During the pentest, I found that the third-party tools that Nokia has been using are more […]