Articles

• The Curious Case of Apple iOS IKEv2 VPN On Demand
• Gmail Android app insecure Network Security Configuration.
• Reviewing Android Webviews fileAccess attack vectors.
• Droidstat-X, Android Applications Security Analyser Xmind Generator
• Uber Hacking: How we found out who you are, where you are and where you went!
• Google AOSP Email App HTML Injection
• XXE ALL THE THINGS!!! (including Apple iOS's Office Viewer)
• Good for Enterprise Android HTML Injection (CVE-2014-4925)
• From 0-day to exploit - Buffer overflow in Belkin N750 (CVE-2014-1635)
• Outlook.com android app HTML injection vulnerability
• Piercing SAPRouter with Metasploit

Latest Advisories

• CVE-2021-31858 Stored Cross-Site Scripting in DotNetNuke
• CVE-2021-42567 Apereo CAS through 6.4.1 allows XSS via POST requests sent to the REST API endpoints.
• CVE-2021-44263 Cross-Site Scripting in Gurock TestRail
• CVE-2021-41844 Open Redirect in JetEngine Wordpress Plugin
• CVE-2021-38607 Stored Cross-Site Scripting in JetEngine Wordpress Plugin

Latest Articles

• The Curious Case of Apple iOS IKEv2 VPN On Demand
• Gmail Android app insecure Network Security Configuration.
• Reviewing Android Webviews fileAccess attack vectors.
• Droidstat-X, Android Applications Security Analyser Xmind Generator
• Uber Hacking: How we found out who you are, where you are and where you went!