THP Wisec USH DigitalBullets TheHackersPlace network

The WIse SECurity

.italian
.english

Wisec Home SecSearch Projects Papers Security Thoughts

News

Flash Application Testing: A New Vector for XSS and Cross Site Flashing.

IE and Firefox Digest Authentication Request Splitting.

Php import_req_var globals overwrite Advisory.

Subverting Ajax - The Paper.

Adobe Plugin Multiple Vulnerabilities.

Wisec@23rd.CCC Congress in Berlin - 29th Dec. 2006 - Subverting Ajax.

SecSearch. Search Engine for Security Community.

Mysql COM_TABLE_DUMP Flaws.

Mysql Anonymous login Flaw.

A new project to stop embed passwords in Php scripts: PassBroker.

MySQL new three vulnerabilities unleashed

PHP shmop safemode bypass

PHP RFC1867 Vuln - POC Released!

Search on Wisec

Vulnerabilities I found

(04/2006). MySQL COM_TABLE_DUMP Information Leakage and Arbitrary command execution.

(04/2006). Mysql Anonymous Login Handshake Information Leakage.

Mysql CREATE FUNCTION libc arbitrary code execution. (03/2005)

Mysql CREATE FUNCTION mysql.func table arbitrary library injection (03/2005)

MySQL insecure temporary File Creation (03/2005)

PHP shmop safemode bypass (10/2004)

Php Vulnerability RFC1867 - POC (10/2004)

Wisec is brought to you by...

Wisec is written and mantained by Stefano Di Paola.

Wisec uses open standards, including XHTML, CSS2, and XML-RPC.

All Rights Reserved 2004
All hosted messages and metadata are owned by their respective authors.