Vaibhav Kumar SrivastavaServiceNow Template Injection Vulnerability: CVE-2024–4879, CVE-2024–5178, CVE-2024–5217ServiceNow is a comprehensive platform for business transformation, offering a wide range of modules that can be utilized for various…Jul 172Jul 172
Vaibhav Kumar SrivastavaCVE-2024–4956: UNAUTHENTICATED PATH TRAVERSAL IN NEXUS REPOSITORY MANAGER 3The Nexus Repository Manager, a crucial tool for managing, storing, and distributing development artifacts, has recently been found to have…Jun 5Jun 5
Vaibhav Kumar SrivastavaCVE-2024–24919: Zero-Day Vulnerability leads to unauthorized Information Disclosure in CheckpointCheck Point has issued a urgent warning regarding a zero-day vulnerability discovered in its Network Security gateway products. This…May 311May 311
Vaibhav Kumar SrivastavaBrowser Extension Security Testing: Part 1A browser extension, also known as a browser add-on or plugin, is a small software program that extends the functionality of a web browser…Apr 23Apr 23
Vaibhav Kumar SrivastavaCitrix Bleed: CVE-2023–4966CVE-2023–4966, another vulnerability associated with Citrix, presents a significant concern. This sensitive information disclosure…Oct 28, 2023Oct 28, 2023
Vaibhav Kumar SrivastavaCVE-2023–32315: Administration Console authentication bypassOpenfire is an open-source XMPP (Extensible Messaging and Presence Protocol) server that enables real-time communication through instant…Jul 29, 2023Jul 29, 2023
Vaibhav Kumar SrivastavaCitrix Gateway XSS & Open Redirection (CVE-2023–24488)Hello, everyone! The Citrix gateway CVE has been in the news a lot over the last few weeks. Let’s explore how one can identify the…Jul 27, 2023Jul 27, 2023
Vaibhav Kumar SrivastavaThe Cost of Neglect: HTML InjectionI understand that you have already read several blogs on HTML injection, but this one is not solely focused on HTML injection. Instead, it…May 15, 20232May 15, 20232
Vaibhav Kumar SrivastavaAccount Takeover (Insecure Design+ Response manipulation)Hey Everyone! Let’s learn something new as it is going to be fun learning today.Jan 30, 20231Jan 30, 20231
Vaibhav Kumar SrivastavaPSScriptAnalyzer: SAST Tool for PowerShell ScriptPowerShell Script Analyzer, also known as PSScriptAnalyzer, is a static code analysis tool (SAST tool), which examines the PowerShell…Oct 7, 2022Oct 7, 2022