Heykuki News
1.
HTTP Response Splitting Vulnerability on reddit.com
(nealpoole.com)
80 points
there
15 years ago
26 comments
2.
Avoiding Arbitrary Code Execution with nginx and php-fastcgi
(nealpoole.com)
61 points
nbpoole
15 years ago
15 comments
3.
Cross-Site Scripting? In PHP Notices? It's more likely than you think
(nealpoole.com)
43 points
nbpoole
15 years ago
14 comments
4.
Preventing CSRF Attacks with AJAX and HTTP Headers
(nealpoole.com)
39 points
swah
14 years ago
4 comments
5.
Hacking Google Calendar
(nealpoole.com)
25 points
dfield
16 years ago
5 comments
6.
Reports from Google’s Vulnerability Reward Program
(nealpoole.com)
10 points
nbpoole
15 years ago
discuss
7.
XSS Filters can be used to bypass clickjacking (scroll down to point 3)
(nealpoole.com)
8 points
simonw
15 years ago
2 comments
8.
Directory Traversal via PHP Multi-File Uploads
(nealpoole.com)
8 points
wglb
15 years ago
1 comment
9.
Preventing CSRF Attacks with AJAX and HTTP Headers
(nealpoole.com)
6 points
wglb
15 years ago
2 comments
10.
Arbitrary Code Execution with Null Bytes, PHP, and Old Versions of nginx
(nealpoole.com)
5 points
nbpoole
15 years ago
discuss
11.
Lessons from Facebook's Security Bug Bounty Program
(nealpoole.com)
3 points
nbpoole
15 years ago
discuss
12.
How Does Cross-Site Scripting Become Arbitrary Code Execution?
(nealpoole.com)
3 points
nbpoole
15 years ago
discuss
13.
Java Deployment Toolkit Plugin Does Not Validate Installer Executable
(nealpoole.com)
2 points
wglb
15 years ago
1 comment
14.
Directory Traversal / Local File Inclusion on addons.mozilla.org
(nealpoole.com)
2 points
nbpoole
15 years ago
1 comment
15.
XSS Filter Bypass in validator Node.js Module
(nealpoole.com)
2 points
QUFB
13 years ago
discuss
16.
CSRF Token Disclosure in Coinbase
(nealpoole.com)
2 points
wglb
13 years ago
discuss
17.
How Hard Is It To Blacklist A Java Applet?
(nealpoole.com)
2 points
wglb
13 years ago
discuss
18.
Security Vulnerabilities in Popular Flash Applets (SWFUpload, Plupload)
(nealpoole.com)
2 points
nbpoole
14 years ago
discuss
19.
Safari for Windows handles text/plain content improperly (CVE-2010-1420)
(nealpoole.com)
2 points
wglb
15 years ago
discuss
20.
File uploads allow for cross-site scripting in Wordpress
(nealpoole.com)
1 point
nbpoole
15 years ago
1 comment
21.
Setting up PHP-FastCGI and nginx? Don’t trust the tutorials.
(nealpoole.com)
1 point
WhiteDawn
12 years ago
discuss
22.
(Unpatched) Reflected XSS in JW Player 5
(nealpoole.com)
1 point
wglb
13 years ago
discuss
23.
Bad Changes to eBay’s Responsible Disclosure Policy
(nealpoole.com)
1 point
tshtf
13 years ago
discuss
24.
CSRF, Clickjacking, and the Role of X-Frame-Options
(nealpoole.com)
1 point
tshtf
14 years ago
discuss
25.
Twitter White Hat Vulnerabilities
(nealpoole.com)
1 point
wglb
14 years ago
discuss
26.
CSRF, Clickjacking, and the Role of X-Frame-Options
(nealpoole.com)
1 point
wglb
14 years ago
discuss
27.
Directory Traversal via PHP Multi-File Uploads
(nealpoole.com)
1 point
dominis
14 years ago
discuss
28.
Java Deployment Toolkit Plugin Does Not Validate Installer Executable
(nealpoole.com)
1 point
wglb
15 years ago
discuss
29.
Java Applet Same-Origin Policy Bypass via HTTP Redirect
(nealpoole.com)
1 point
wglb
15 years ago
discuss