Column Truncation SQL Injection Vulnerability

Some time back I was in the NotSoSecure CTF competition. The challenge was to use SQL injection (any kind) to obtain 2 flags; to capture one flag, users were required to register as an admin. The application was vulnerable to a column truncation vulnerability. Column truncation is a very interesting vulnerability; it's actually a buffer overflow vulnerability, O […]

Column Truncation SQL injection


Persistent Cross Site Scripting in 2 is well known Domain Registrar, Hosting company. Some time back they introduced a new product, Website Builder. As the name says, it allows users to build websites quickly and easily. I saw their Facebook post about Website Builder. I instantly thought, hmm, new product, must be buggy. As the product is paid but has […]

Microsoft Hall Of Fame For Reporting Vulnerabilities in Nokia

Back in August 2013, I did penetration testing of Nokia websites. In my 1 week of penetration testing I found various vulnerabilities (details are below). During the pentest, I found that the third party tools that Nokia has been using are more […]