Twitter Go on Twitter

Blog

Twitpic - Share photos and videos on Twitter

Sberbank Russia XSS :D (old one)
Read more

Arlissa & Nas - Hard To Love Somebody

Read more

Read more

Small note

For these that still thinking that those screens from Yahoo are fake/manipulated(there are few people):the answer is very simple-just use "document.write" before "alert" e.g: document.write('something');alert(/another something/.source) if you don't want to disclose content of  the current page

Here is example:




Read more

Several XSS flaws in different Yahoo! sub-domains

One of these subdomains have a very "strong" filter:<script> is blocked ...but no surprise <ScRipT> is allowed 





that's for now...


Read more

Do you believe...







Read more

XSS in flickr.com

Several days ago,i just found a trivial cross-site scripting vulnerability in flickr.com

Vulnerability was fixed within a hour after initial report.Thanks to Joshua Cohen (@heyjoshua).

Some screenshots:


Read more

Twitpic - Share photos and videos on Twitter

Sberbank Russia XSS :D (old one)
Read more

Arlissa & Nas - Hard To Love Somebody

Read more

Read more

Small note

For these that still thinking that those screens from Yahoo are fake/manipulated(there are few people):the answer is very simple-just use "document.write" before "alert" e.g: document.write('something');alert(/another something/.source) if you don't want to disclose content of  the current page

Here is example:




Read more

Several XSS flaws in different Yahoo! sub-domains

One of these subdomains have a very "strong" filter:<script> is blocked ...but no surprise <ScRipT> is allowed 





that's for now...


Read more

Do you believe...







Read more

XSS in flickr.com

Several days ago,i just found a trivial cross-site scripting vulnerability in flickr.com

Vulnerability was fixed within a hour after initial report.Thanks to Joshua Cohen (@heyjoshua).

Some screenshots:


Read more