Tag: security

Disclosing a local file inclusion vulnerability in xmlhttprequest library

I found a Local File Inclusion (LFI) security vulnerability in xmlhttprequest library but it's still unfixed.
Apr 27, 2023 ~ 2 min read
security
vulnerability
advisory
cve
xmlhttprequest
local-file-inclusion
lfi
Disclosing uncontrolled resource consumption in xmlhttprequest library

proof-of-concept showing a denial of service vulnerability in a Node.js web server if it uses the xmlhttprequest library to make outgoing HTTP requests
Apr 16, 2023 ~ 3 min read
security
vulnerability
advisory
cve
xmlhttprequest
denial of service
dos
uncontrolled resource consumption
Prevent clickjacking on Drupal and other Apache web applications

Updating Apache server configuration to use mod_headers to prevent clickjacking security issues
Mar 12, 2015 ~ 1 min read
security
http
clickjacking
Apache Obfuscation by disabling trace and server tokens

Preventative measures to mitigate leaking the server software running
Mar 9, 2015 ~ 1 min read
security
Reviewing book – Learning Pentesting for Android Devices

Getting started with penetration testing for Android devices
May 8, 2014 ~ 2 min read
pentesting
security
android
writing
Advanced Poll 6.x versions – XSS Vulnerability

Disclosing a Cross-site Scripting vulnerability in the Advanced Poll module for Drupal.
Oct 28, 2013 ~ 1 min read
drupal
security
xss
bugbounty
daloRADIUS operators handling change

RBAC, ACLs, operators, groups, and other access control related changes in daloRADIUS
May 9, 2010 ~ 1 min read
daloradius
security
auth
nessus3 install issue on ubuntu

how to fix Nessus3 and its missing dependency
Jul 14, 2006 ~ 1 min read
nessus
security
pentesting
linux
ubuntu
MythEmail Plugin

MythEmail plugin for the glorious MythTV all-around streamer and home media entertainment system
Jul 10, 2006 ~ 1 min read
nessus
security
pentesting
linux
ubuntu